: Are you guys doing a free Rp Easter giveaway? My friend said he's currently doing it. If not I should probably stop him...
Definitely not...hope I didn't catch this one too late! Please show your friend this post and make sure they scan their computer/update their League password as soon as possible!
: Permaban for False Accusation of "3rd Party Program or Modifications"
Hey @OP -- Borrower and I took another look at your account and confirmed that the detection on the account is accurate. It was picked up for cheating in some URF games back in early March. Poking further, however, it looks like this took place on under some rogue access on the account from another state. We've forced reset the password on your account as a precaution, but you should be able to log in again once you complete it as the suspension has been lifted as a one-time exception. Apologies for missing this the first time. Here's some additional tips on account security in case you need it: https://support.riotgames.com/hc/en-us/articles/201751664
o Eon O (NA)
: Does Riot Ever Ban Boosted Players?
Yes, we do. It's not always immediate, but we are working on that. Every season, we work to improve and iterate on detection as well. You will see a lot of QQ towards the end of the season as the rewards are stripped from the account and punishments begin rolling out. You can find a breakdown of the levels of punishments [here](https://support.riotgames.com/hc/en-us/articles/201751834-MMR-Elo-Boosting). If you are curious about the detection method itself, we've shared what we can on this [page](https://support.riotgames.com/hc/en-us/articles/204168430-MMR-Boosting-Detection).
: Do you happen to know if there are any plans for improving security around League of Legends accounts? Even something like Steam's validation service (i.e. notice login from new device, send verification code to related email account, prompt for code to allow login) would be fantastic. Curious if anything is planned or under development.
Heyo -- I'm not on the team that is working on this, but I did poke someone there to see where we are at. Looks like they are currently exploring options for 2FA implementation, but don't have a solid timeline on when the discovery will be complete and work starts on actual implementation. A current proof of concept is live on PBE as SMS, but I think that may have been there for a bit already. TL;DR - It does look like it's being explored a bit more this year!
: Or even better: * Don't re-use your passwords. * Don't use the same password for multiple services. One of the reasons why database breaches like cloudbleed are so dangerous, is because people are surprisingly dumb when it comes to their IT security, and use the samepassword for facebook, gmail, league, wow, instagram, snapchat, whatsapp,...and that new webservice which just happens to get hacked. Guess what the first thing someone who gets his hands on one of the lists does after hashbreaking passwords? HE TRIES THE EMAIL-PW COMBINATION ON EVERY OTHER WEBSERVICE. And that isn't done by hand folks. There are scripts that do that. Automatically. Millions of passwords in a few minutes. So: Start using different passwords, for different services!! And if you have trouble remembering passwords: --- --- #--------------------- GET A GODAMN PASSWORD MANAGER!! --------------------- --- --- And learn how to use it. There are multiple open source options to be had in that area, that do not cost any money, offer great functionality, are super easy to set up and work on almost every operating system (including mobile ones, however, if you set up your pw manager on a phone, you are begging for security problem.) All you have to do is remember ONE single password (which should actually not be a password, but a really really long and complicated pass-phrase) to unlock the PW manager. And if you cannot remember one strong passphrase, well,... https://www.youtube.com/watch?v=lOfZLb33uCg
  Rioter Comments
: Can we do more to raise awareness about these "Free skins" scams?
Hey OP, We do post things occasionally to try and raise awareness, especially for people that may be new to League or that don't check boards. Here's a cute campaign that was run by the EU team a few months ago: http://euw.leagueoflegends.com/en/page/account-security-education that I believe may have come from the BR region originally (don't quote me on that, I can't remember >_< !! ) We also have Knowledge Base articles that have a ton of tips as well. There are warnings for clicking on links in the client too (before opening the browser). It's good feedback to know that the cadence of these warnings may be less than ideal and that the penetration of the message does not seem to be reaching enough people. I'll see what else we can do to try and increase awareness elsewhere. Thank you!
: Melledoneus leave mah top comment alone ;-; Just a warning to all you summoners out there. These links have been popping up mostly in Riot's announcements threads and are disguised with words. For example, one of them said something like "Wow this is the best change so far!" but the link took you to a free RP website. The comment underneath was upvoted nearly 50 times using alternate accounts saying "This was what they showed on the twitch stream right? Yeah this is hella cool." They get taken down pretty quickly, but Riot can't instantly delete these sorts of things. Just because a comment has upvotes doesn't mean it's legit. Don't click on a link that's disguised with words if it's posted in a thread by Riot. They do that because everybody will see it if Riot posts it. Other threads are usually safe. Anyone who tries to point out its fake gets downvoted like 50 times by the scammers' alt accounts. You can tell, despite the upvotes, because these accounts will never be level 30. Hope that helps!
  Rioter Comments
Juzza (OCE)
: A reward for 6 years of League.
Hey Juzza - Thanks for taking the time to write this up. I did a little prodding and reached out to a few people in Player Support to see what happened. This particular case was difficult to establish compromise due to the access that was being seen on the account. Further review leads us to believe that your email itself was compromised and that’s how they were able to get into your League of Legends account with a password reset. I’m not sure when the last time you changed your password was, but I’d recommend updating it and any account that used the same credentials. Apologies for missing this from the get go and for any inconvenience that this may have caused. A Player Support agent should be reaching out to you shortly in your ticket. When it comes to Account Security, we take that issue very seriously. We understand that there are some changes that should be made in order to help alert those whose accounts may be compromised, and we’re looking into this on multiple fronts. In the meantime, there are quite a few things that we can all practice to protect ourselves as well. In this day and age, you pretty much need a login and password for everything everywhere and it makes remembering your password hard. All these different accounts tempt us into reusing the same password across multiple sites, which is definitely not a safe security practice. I would suggest looking into password managers to help out with different identities on the internet. A few more tips can be found [here](https://support.riotgames.com/hc/en-us/articles/201751664-Protecting-Your-Account).
Iqqi (NA)
: > [{quoted}](name=cluvie,realm=NA,application-id=ZGEFLEUQ,discussion-id=wRf61Z5A,comment-id=0004,timestamp=2016-06-22T21:10:01.692+0000) > > Hey OP -- > > I took a look at your account and the detection in this case was for actions that happened when your account was compromised awhile back. &gt;_&lt; I&#x27;ve gone ahead and removed the suspension from the account as you&#x27;ve already been through account recovery. > > **Tips for Account Security**: https://support.riotgames.com/hc/en-us/articles/201751664 Do you know if there are any plans to eventually account for this sort of thing? It appears that you likely have some sort of timestamp window for when a violation took place and you also know the window in which the account was compromised. I don't know how the system works. I dont know if an actual person reviews every potential violation and this specific case was made by human error or if there is an automatic system which puts violators in some sort of punish pit. Either way it might be beneficial to help negate these false positives if the system also was able to exclude certain things. In this Case @Cluvie you went above and beyond to personally assist, but I would know I would feel terrible if I knew there were people out there who were punished but should not have been.
Going to look into it. The system itself is pretty automated. It's clear that this is a problem though and something we should try and account for somehow, someway if we can.
: Improper Ban?
This happened when your account was compromised --- although you've gone through recovery, the suspension for the action came much later. I've since removed the ban on the account. Keep in mind that this is an exception -- please be sure to practice good account security! We have an article here with some pretty goods tips: https://support.riotgames.com/hc/en-us/articles/201751664
: Banned for Using Third Party Software
Hey OP -- I took a look at your account and the detection in this case was for actions that happened when your account was compromised awhile back. >_< I've gone ahead and removed the suspension from the account as you've already been through account recovery. **Tips for Account Security**: https://support.riotgames.com/hc/en-us/articles/201751664
sdx1 (NA)
: Please help me understand why i was banned?
Hey SDX1 -- I took a look at the detection and while you may not have specifically cheated, the person you regularly share the account with definitely was. Please note that account sharing isn't allowed as you are ultimately responsible for any actions that happen on the account. Unfortunately we will not be lifting the ban. If you share any other accounts, please protect yourself and change the passwords on them as soon as possible. A reminder for everyone out there: **never share your credentials with anyone!**
dreqq (NA)
: is it cheating?
DREQQ -- Thanks for taking the time to write up a post about this. I'm going to take a look now and see what else I can find regarding the behavior. As a few others have pointed out, it is a bit difficult to tell the difference between actual bots and players that are new to the game. Luckily, there are a few other things we can check to be sure. Thanks again!
: Security Reminder: Beware of scams this holiday!
Ayyy :D Thanks! {{sticker:slayer-jinx-catface}}
skyknyt (NA)
: ty based senpai
  Rioter Comments
: > [{quoted}](name=Riot Sargonas,realm=NA,application-id=cIfEodbz,discussion-id=5kx4F7VE,comment-id=00060000,timestamp=2015-09-28T20:33:42.985+0000) > > This one is more my alley than her's, so I'll chime in. (My team handles the 3rd party developer program) > > It's a good idea and something we have explored in the past. Ultimately however we've made the call (and least for now) to not dive into such a program. The problem is that the internet (links) and software (dev apps) are highly dynamic. What we review and approve on one day could the next be highly dangerous, either because the Devs pivoted in a new way, because their code was infiltrated (much like the recent security flaw that hit WeChat and many other common mobile apps due to malcious code snuck into 3rd party libraries they use), or multiple other concerns. > > The amount of resources it would take for us to police this sort of ecosystem constantly to ensure that the "safe" list is 100% always safe is simply too large, especially when you factor in the damage possible by the ONE time that something snuck by. (For comparison, Apple has HUNDREDS of people who review apps for approval 24/7.) Instead, we prefer to create rules that say "if it fits within these policies it's ok to use, in a policy sense, but the security and safety of your system and account are at your discretion." This is also why we prefer to highlight and support web apps and tools that are cloud based, and not ones that require you to download software to your system. (It's also why the most recent API dev challenge required all valid entries to not include downloaded components as well.) Truth be told, people SHOULD be scared about using these (downloaded) software, and we will always highlight that risk and concern. A lot of bad people out there want access to your info, and would love to use the popularity of league to further that agenda given the chance. Fair enough. Thank you for the reply. Will you guys let the community know in the future like you did with curse voice? Whats acceptable and what is not? Im just worried about one day hey im using this app. It has been approved then bam someone does what you said and puts in a cool down timer or something. Not knowing I update app. Start a game and bam there it is. Would this be my fault?
Unfortunately yes. As with any external application, you would ultimately be responsible for any functionality that they choose to include (hard truth), but it's worth noting that we're not going to suddenly ban you without a thorough investigation; an ''accident'' like the one you've described would be fairly obvious to our systems.
: Do you have a list of applications that are 100% approved? The only one I know is Curse Voice, because they had to remove their jungle timers and auto joining to comply and the [approval was announced](http://boards.na.leagueoflegends.com/en/c/riot-official/EbE4QMZW-an-update-on-3rd-party-mods-and-curse-voice?show=flat&comment=000f).
We will not be maintaining a list of applications that might be approved or denied, because honestly, we’re just not ever going to be able to continually audit every service or function for player security, especially in this ecosystem where devs so frequently improve and expand their apps. And just to clarify, Curse is not "100% approved" specifically either, though it is okay to use. We only spoke about it specifically by name to clear up confusion around the fact we did initially prohibit its use, but we want to make sure it's clear that it is not "100% approved" as we do not make that statement about any particular app.
  Rioter Comments
Nazarith (NA)
: All of my hard work. GONE.
Hey Nazarith - I appreciate your concern with ensuring that our detection is accurate and only catching those that should be detected for elo boosting. As such, when we receive disputes, we investigate each case just to make sure we didn't miss anything while configuring it for detection; it's totally possible we could have, so we want to check the integrity of the system by reviewing cases. For your particular case, your boosting happened early on in the season and had nothing to do with travel between Maryland and Florida. Looks like you made some quick trips to Canada and back though, within ~20 minutes. Please keep in mind that even sharing your account with a friend or even a family member is still account sharing and that any behavior that is found on the account while the sharing takes place, is ultimately the responsibility of the account owner.
: This is my concern. I am about to move to a different state. I play ranked quite frequently (teams and solo). Should I wait to play ranked when I move for like a few weeks or something or can I jump back into ranked from my new, permanent location without being flagged for something I'm not doing? Anyone that has some insight on this would be appreciated.
You don't need to wait to play ranked -- feel free to play now or after you get to your new place.
Ectasyy (EUW)
: I don't know if this was asked. But how will these ban people know they got ban? this action will take into effect for ban hammer this week and following weeks to come? and will you get an email letting people know they was ban fr this? thanks!
Accounts that have been suspended will receive an email informing them of the suspension as well as the punishments that have been placed on the account.
: what is with people who changed their acc passwords more than often enough to be concidered "boosted" cuz i change my pw often....and my friend told me i could get punished for that... i was traveling a lot the last 3 month and was playing on different laptops so i wanted to change my pw so no one could get my acc because i got hacked once in S4...
Password changes do not indicate that an account is being boosted and will not get your account banned.
: How will this system detect the difference between smurfing and boosting? how many layers of detection are there? do rioters personally make sure that cases will be looked into if the system counts them falsely for boosting?
I think there might be a little bit of confusion here on what boosting and smurfing is -- boosting is sharing your credentials with someone else with the intent of them playing on your account to raise your rank up. Smurfing is something that has come to mean creating an alt account and playing. If a case is brought to our attention and confirmed that it has not actually been boosted, but was detected for boosting, we will take a look and see what caused it to be flagged and adjust the system accordingly.
: I'll assume Dr.Cyanide's post is a pretty good ELI5/TL;DR of your detection method. Thanks anywho
: ok no need to downvote thanks! With this, now a rephrased question: How can you differentiate/know when a player logs onto another player's account? just curious
I think that going into detail here would reveal a little too much information behind our detection method. That being said, we go through extensive audits to ensure accuracy and look at a variety of factors, not just one or two things.
: > [{quoted}](name=SquishyTentacles,realm=NA,application-id=cIfEodbz,discussion-id=jQLiEW6h,comment-id=0002,timestamp=2015-07-15T20:10:28.366+0000) > > What is your definition of MMR boosting? https://support.riotgames.com/hc/en-us/articles/201751834-MMR-Elo-Boosting >WHAT IS MATCH MAKING RATING BOOSTING? MMR Boosting (Match Making Rating, also known as Elo Boosting) is an act where a player (The Booster) logs into another player's account (The Boostee) with the specific purpose of improving the boostee account's MMR.
Thanks! So much faster than me :P
  Rioter Comments
: {{champion:53}} NOOOOOO!
{{item:3070}}
: I really hope this gets answered. Riot when the bot accounts get banned will their name be freely available again? Since many cool names are taken by bots it would be really amazing if someone could make this happen when the ban wave goes through.
> [{quoted}](name=Mastter1233,realm=NA,application-id=cIfEodbz,discussion-id=5so1YhEl,comment-id=000f,timestamp=2015-06-17T20:54:58.497+0000) > > I really hope this gets answered. Riot when the bot accounts get banned will their name be freely available again? Since many cool names are taken by bots it would be really amazing if someone could make this happen when the ban wave goes through. Heyo! As far as I'm aware, I believe that there is a system in place that actually frees up names on inactive accounts after awhile. This includes permanently suspended accounts too. You can read more about the Summoner Name Clean Up [here](https://support.riotgames.com/hc/en-us/articles/201751914-Summoner-Name-Clean-Up-).
: What kind of ban will it be? Will it be a perma-ban? a X amount of days ban? will priority queue be included as well?
These bans will be permanent vacations from the game.
: cluvie, what does your name mean?
It's shortened from cluviel dor, which is a faerie item from the Sookie Stackhouse book series. e.e
: This is exactly what I've been wanting from Riot on these boards! Thank you! A little communication goes a long way! +1
We're trying to come out of our shell! Thank you!
  Rioter Comments
vadose3 (NA)
: I think you might want to consider sending a message to whoever may be in charge of these things. Almost everyone has said they know they haven't used any third party programs, myself included, and that they've received the email. I've got real life friends who have received the emails as well, and they say the same thing. I think there has been some sort of MAJOR failure in your system somewhere.
I can assure you that there has not been any issues with this detection. We never want to punish anyone unfairly and we use extreme caution to ensure that only those who are using 3rd party mods have been actioned.
Slayar (NA)
: Got an Email about a banned account. I logged into mine at its fine. Scam?!?
The address associated with the email you received is not a scam and is from Riot Games. Check [here](https://support.riotgames.com/hc/en-us/articles/201751784-Emails-from-Riot-Games ) for more information on identifying emails from Riot. Please keep in mind that you may have more than one account associated with this email address. Either of these accounts could have disciplinary actions taken on it within the next few hours. ---------------------------------------------- **Edit for clarification purposes: This ban wave was specifically for botting, which is accomplished using 3rd party programs. **
  Rioter Comments

cluvie

Level 30 (NA)
Lifetime Upvotes
Create a Discussion