question

solar/staremare avatar image
solar/staremare asked

Fake Account Spamming

Recently, my game has been attacked by a modder, and it has been spammed with thousands of fake accounts. I had to delete the title and start afresh. How can i prevent this from happening again? Keep in mind that I'm not an expert at using PlayFab and its API.,Recently, my game has been attacked by a modder, and it has been spammed with thousands of fake accounts. I had to delete the title and start afresh. How can i prevent this from happening again? Keep in mind that I'm not an expert at PlayFab.

apis
10 |1200
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

1 Answer

·
Neils Shi avatar image
Neils Shi answered

Since some login APIs like LoginWithCustomID require no authentication headers. If hackers know your title ID, they can create "fake accounts" easily. For more info, you can refer to What's to stop some else from using my TitleID? - Playfab Community. But as long as your Secret Keys are not compromised, then your game is safe. The Admin/Server APIs require Secret Keys or Title Entity, these fake accounts don't have permission to harm your game. And PlayFab Login APIs have IP-based rate limits, this can prevent hackers from registering a large number of accounts in a short period of time. In addition, you can also use API access policy to disable certain Client APIs (which you don't need).

10 |1200
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.