Player account security is one of the foundational commitments of the Dragonheim platform. Today we are publishing the support and security direction for the website account system, covering authentication standards, ticket categories, and the moderation audit infrastructure.
All accounts use secure password hashing and cookie-backed session management. The current demo environment uses a mock session layer; production will migrate to a fully JWT-backed or session-token system against a PostgreSQL database. Two-factor authentication via TOTP is planned for the security center.
The support ticket system is live in the demo. Players can raise tickets across six categories: account, billing, technical, gameplay, community, and general. Staff have assignment, escalation, SLA tracking, and internal note tools. All significant staff actions are recorded in the immutable audit log.
The knowledge base covers core account topics, guild guides, and community safety policies. We will continue expanding it with game-specific content as launch approaches.
For security incidents, compromised account reports should be filed as high-priority tickets. The moderation team operates with strict role separation — administrators have audit visibility and account management tools, while community moderators can manage forum content and apply temporary holds.