RE Bots - they are ruining our lives, and are hurting the market prices for items, and farming the hell out of useful maps.
These people don't care, and they justify it by saying, others are doing it and i am only "making the playing field even"... well not really.
Anyways, are you not able to implement a recaptcha to prevent bots from logging in. Google provides a free one which you can imbed in http pages, so maybe the login app, can link users to that before authenticating. Googles recaptcha is very sophisticated in terms of how it prevents and detects bot analysis, I think it does interesting things like capturing response time to answers, and movement speed of mouse.
So what you could do, which shouldn't cost too much dev time is the following.
1. When I launch the ragnarok app, the play button will take me to warportal captcha login page.
2. Once i confirm the captcha, you store a token on your server against my UID to say, this person has authenticated.
3. The app is constantly checking once launched (every 30s) if the authentication has been enabled, and will then take you to your regular login page.
4. Once the user disconnects, that token is cleared.
That token cannot be recreated by hackers, its something you have on your system.
The http recaptcha can't be faked, as it uses interesting hueristics to determine botness,
I 100% guarntee that your users will NOT have any problem with this. your userbase will 100% accept the 2m extra to login, if we can ensure there are no bots.