Random Saturday Ep 71: Free gifts in AJPC and AJPW

What's up everyone! I'm back with your next episode of Random Saturdays! Today's topic is gonna be about the free stuff that AJ recently gave in the two games. Let's go!

A while back, AJHQ made a news announcement in PW that they were giving out a free bundle in the sapphire shop. It can be redeemed by heading over to the part where you can buy all the sapphire bundles. Click on it, and you will see an option that sell for 0 gems. The bundle contains den items, clothing items and a Pet Wild Turkey. Some of the den items appear to be differently colored items from previous sets. For example, they gave out 6 brown Beastro Dining Chairs. The original Beastro Dining Chair was white.

Other items in the bundle are the Palace Kitchen Brick Oven, Palace Kitchen Prep Table, Palace Kitchen Pantry, Palace Kitchen Dessert Station, Palace Kitchen Dinner Bell, Fresh Baked Bread, Apple Pie, Giant Carrot Cake, Giant Pumpkin Pie, Turkey Statue, Giant Cornucopia and the Feast of Thanks Table. All together, that is 18 den items. If you thought that is a lot, I'll tell you that it is not all.

The bundle also comes with 4 clothing items. Similar to the Beatro Dining Chairs, the clothing items seem to be a differently colored version of already existing items. The clothing items in the bundle are the Fall Leaf Necklace, Maple Leaf Wings, Leaf Skirt and Turkey Hat.

Finally, there is a Pet Wild Turkey in the bundle as well. It can be raised and sent on expeditions just like any other pet.

Moving on to AJPC. AJPC also has a code to give a few free items. The code to redeem these free items is "thankyou". Sadly, the number of items given in AJPC is considerably less than AJPW.  I counted, and there are only 6 items in total. They are the Turkey Hat, Turkey Tail Feathers, Cornucopia Hat, Maple Leaf Wings, Acorn Hat and a Pet Turkey.

Unfortunately, I'm not sure how much longer this code will be made claimable. So, I recommend you to go get the free items on both platforms if you haven't already. Some free stuff is still better than no free stuff after all!

That's all from me today. Till next post!

-Dew

Agent Insights Ep 65: Two-factor Authentication

What's up everyone! Today, I bring to you the next issue of Agent Insights! Since there was a recent data breach as explained in a previous announcement, I thought it'd be fitting to talk about account security.

Having a strong password isn't the only way you can secure your accounts. Though, having a strong password is still very, very important. You can read more about strong passwords in our previous agent insights here. The method that I'm going to talk about in this agent insights can be used on top of a strong password to add another layer of security on top of it. This method is known as two-factor authentication, or 2fa for short.

2fa can be enabled on many online platforms like Google, and even Discord. Unfortunately, Animal Jam doesn't have the feature (yet, as of writing this post). So, if you have other online accounts aside from AJ, I strongly recommend you to go check if there is an option for 2fa, and enable it if there is.

So, what is 2fa? It essentially is an additional step that people have to do before they can enter their accounts. To set it up, you'd need an authenticator app. One example of such an app is Google Authenticator. What it does is that it generates a six-digit code that refreshes itself periodically. One set of six digits corresponds to one account.

During the setup phase, you must link your account to the authenticator app. Most apps should have the function to use a generated code to link accounts. After logging onto your account and clicking 2fa, there should be instructions to follow. Just follow the steps, and you would be able to enable 2fa for your account.

After 2fa is set up for your account, you need to refer to the app to logon to your account. After keying in your username and password, you would be redirected to another screen. You'd have to key in the six-digit code from your authenticator app that corresponds to your account before it refreshes itself. You can only access your account after you key in a code that exactly matches that in the authenticator app at that point in time.

Since the breach, AJ CEO Clarke Stacey stated that they will be improving their security over time. The whole video may be watched here, with the announcement of new security measures around the 6 minute mark.  I sure hope that 2fa is among these new measures that AJHQ will be using!

With that, I've come to the end of this post. Once again, I'd like to emphazise the importance of 2fa. I also encourage all of you to check through your other online accounts to see if they do allow it, and enable it if they do.

That's all from me today. Stay safe and jam on!

-Dew

IMPORTANT: Animal Jam Security Breach

Update: As of the morning of November 12, WildWorks has force-changed the passwords of all Animal Jam accounts and parent dashboard accounts. You will need to reset your password to something new in order to access it. If you no longer have access to the email associated with your account, send an email to support@animaljam.com. Rumors are spreading that if you do not have access to this email, then your account will be lost forever, but this is not true. Animal Jam Support can help you transfer your account to a different email if you contact them. It would seem if you have used the "remember me" function on your AJPC desktop app, you are still able to login without changing your password.

Howdy Jammers, it's Danny here with a safety alert for you guys. Earlier today, WildWorks announced information about a security breach targeting a third-party database that contained Animal Jam account information.

That was a lot of big words, so to put it simply: the service that AJHQ uses to store some user data for Animal Jam (usernames, passwords, parent emails linked to players' accounts, etc.) was compromised, and as a result, some private information was released in a security leak. WildWorks is reporting that 46 million Animal Jam accounts were affected by this data breach, as well as 7 million parent email accounts.

The account information that was leaked in this data breach primarily includes information that was entered when your account was first created, such as your gender and your date and/or year of birth. What was also included in this breach was the passwords associated with player accounts affected by the leak, albeit in encrypted form. This means that, while the passwords were leaked, they are not readable by normal means and would have to be carefully decrypted in order for hackers to access your Animal Jam account. If you already had a secure, complex password on your account, your account is probably safe. However, if your account had a weak password, it would be pretty easy for the hackers to decrypt it.

As a precaution, WildWorks is asking all Animal Jam players to change their passwords. If you have used the same password across multiple other accounts on other websites, we recommend changing those passwords as well. See last week's Agent Insights post for more info on how to make your password safe and secure.

Do not freak out over this; it is quite unlikely your individual account is at risk, considering that the passwords are all encrypted and considering that millions of other accounts were breached as well. Change your password to something secure and you will be alright.

For a more detailed analysis on the data breach and information that was compromised, we recommend you check out WildWorks' full official statement here.

We also recommend putting the email associated with your Animal Jam account through this website, which checks to see if that email has been included in any data breaches. If it has, the website will tell you which breaches it was involved in. If you no longer have access to that account, send an email to support@animaljam.com. If your parent email was included in the breach, we advise you to change the password linked to your parent dashboard account, or ask your parent to change it if it's their email account. If your email was affected by the Animal Jam breach, the website will show you this:

That's all for now. If you have any questions, you can contact WildWorks on Instagram, Twitter, or send an email to Animal Jam's customer support email (support@animaljam.com). WildWorks will likely continue to update us as their investigation continues. If any big developments happen, we will make another post on the matter.

Agent Insights Ep 64: Wiki Worth Scam

Hey all, Jade here with your latest Agent Insights! Today, we'll be talking about a pretty rare kind of scam, but one that's also pretty easy to fall for: the wiki worth scam.

One very helpful tool to anyone looking to trade on Animal Jam is the Animal Jam Item Worth Wiki, or the AJIWW for short. It has pages for the worths of nearly all rare items and is kept very up to date with various changing worths.

However, since the wiki is collaborative, users can choose to edit pages and add incorrect worths. Sometimes this is done for trolling purposes, but it can also be used to scam. When setting up a trade with someone, a scammer could go to the wiki page for one of the items in the trade and edit it so the worth is incorrect. They could use this to get you to trade more for their item, or to get you to accept less for your item.

Since the worths are from such a reputable source, it's very easy to fall for this scam. However, there's an easy way to avoid being tricked: Go to the wiki yourself and check the page edit history. Pages are regularly edited with updated worth, so you can't be suspicious of every edit you see, but if you see a sudden and large drop/gain in worth, a very recent edit, an edit from a new/inactive account, or any combination of the three, it's likely a scammer trying to trick you into a bad trade.

In the case that you find someone attempting this scam, you should simply undo their edit and then report their account. As long as you take some time to investigate and don't let anyone pressure you into trading without double-checking worths, it's relatively easy to avoid this scam!

Well, that's all for today. If you have any questions about the wiki or this scam, feel free to leave them in the comments. Thanks for reading, everyone- Stay safe and Jam On!

Agent Insights Ep 63: Strong Passwords

Hello, everyone. Flint here, to talk about how to make a strong password.

Often, when we talk about hacking, we say things like 'just make sure your password is strong, don't give it out to anyone, and don't enter it in weird places, and you don't need to worry'. This is good advice, but we haven't covered what counts as a strong password yet, so I figured it'd be a good thing to cover.

First tip is, don't make it really obvious. Having passwords like 'password' or '1234' makes it much more likely that a hacker will guess your password, as those are the first things they will try. Similarly, making it your avatar's name, your online alias, or other specific information known to be relevant to you is a bad idea, because it's easy for people to guess them. One-word passwords are also easy for people to guess. In general, if your password is super common, short, or relevant to you, don't make it your password.

To make a good password, you should make it long. The more characters a password-cracker has to deal with, the harder it'll be for it to hack your account. It's also hard to guess long passwords that are mnemonics, random numbers, or similar. If you don't have a password manager, mnemonics for sentences that you can remember are good ways to make good passwords.

Don't include actual English words. This makes it so that the bot has significantly fewer variables to consider and makes it easier to crack your password.

In general, you should be including numbers, symbols, and punctuation in your passwords. It makes it that much harder to guess when hackers need to account for them. Combining words and letters with symbols is recommended.

Don't make your passwords the same as other passwords on other sites. If a data breach happens on one, the passwords there will be added to password-crackers that brute force hacking by using bots to try many passwords in a short amount of time, and it's much more likely that other accounts that share the same password as the breached account are at risk, since the password-crackers will try the breached passwords.

Password managers are highly recommended. The passwords they generate are nigh-unbreakable, and you don't need to remember each one. I'd recommend looking them up if you're interested in having an especially strong password.

Most hackers aren't going to try to target you specifically. You are one player out of many, and the chances of you being targeted for hacking specifically are low if you aren't very famous. However, these tips apply to passwords for other things too, and it never hurts to be safe.

That's all for today. Remember to make long passwords with at least some degree of randomness to them, and of course to not share this password with anyone. Bye!

Update Post - October

What's up everyone! I'm back from my leave and here to bring you your update for October!

October was a bit of a quiet month for the society. We didn't do much testing for the monthly events, which means that we cannot start it till a later date. Sorry about that!

On a brighter note, we'd like to congratulate Gamma Rose for being promoted to Delta! Congratulations!

Next, I'd like to remind all of you out there never to give your password to anyone you meet, especially those online. The only people who are probably ok to tell are your parents, if they ask. I'd also recommend you to give your password a checkup. Is it too easy to guess? If it is, it's more likely for hackers to gain access to your account by guessimg your password. So, change it to something that is hard to guess, but easy to remember!

Finally, the staff are currently working on a system to give quality checks on posts made by our agents. The idea is still new though, so please stay tuned to maybe next month's update.

That's all from me today. Until next post!

-Dew