[Suggestion] Please add two-factor authentication!

ArchivedUser

Hello Folks,

this would be awsome to improve our security against hackers. Google authenticator would be enough

Greez

ArchivedUser

An authentication system would be a good idea, I agree.

WoW, and SWTOR, had key chain authenticators, that generated a random numerical code, that had to inputted before being allowed to access the game.  

ArchivedUser

I did not like the SWTOR authentication as someone who used it and had the battery die.  It was an uphill battle to try and get my account back because CS just couldn't understand why I couldn't use my dead battery authenticator.  30+ days later I no longer felt the need to play after getting my account back.

There is a backend CS requirement needed for secondary authentication, I am not saying it is not worth it but it is something that you have to understand needs to be there.

ArchivedUser

I'm for account security but what happens to those who do not have a cell phone?  Yes there are people who do not have one. 

ArchivedUser

I don't think its worth it. it will overcomplicate something that should be easy. All you need to do is remember a password

ArchivedUser

CylverRayne said:

I'm for account security but what happens to those who do not have a cell phone?  Yes there are people who do not have one. 

Maybe they implement more choices for a two-factor authentication.

1. Some system which send a code to your Email adress when someone logging in with an other ip adress
2. Some system which send you the code per SMS
3. Some system which generates a code on a app
4. Or some system which asks for security questions if someone logging in with an other ip adress

In my last 9 years of gaming I got hacked 2 times with a strong password. So I am a little bit worried about my braver of the world package

ArchivedUser

I can understand your worrying.   A code sent to email would be good. Many sites do this.   There are many things you can do to discourage hacking.  Have to be more vigilante.   

ArchivedUser

Hm If you were hacked twice, something is wrong. 
A: Your password isn't as strong as you thought. I.e. 'Frogsarespecial12' In which case, while it says it's strong, it really isn't. An example of a strong password would be something along the lines of j7e3HcP@bY%f - now this may look like some sort of hash, but it isn't. 
B: You are a victim of social engineering. "Friends" making small talk about where you were born, pet names etc. These are common security questions. While you're being friendly, be aware that some people do not play nice. Phishing is another one. You clicked on a link in an email that looked legit or something of the sort, got infested with a keylogger or something of the sort. 
C: You are using previously hacked database passwords. Most people are pretty easy. Even people who don't know each other, use similar type passwords. The most common passwords start with a capital letter and end in a digit. It isn't that difficult. Especially if you are using a password from a previously hacked list. Then all the hacker has to do is run that list. 
Your email address is the same as your username, this makes it even easier. I.e. - philippt8@yahoo.. combined with a few other above mentioned tricks, if I have access to which email you use, generally, people use the same passwords repeatedly. It's a done deal. 

The vast majority of people who 'get hacked' on games are guilty of the above mentioned. I am not saying we shouldn't have 2 factor authentication. Actually, I am for it. However, there are ways to protect yourself without it. 
Source: I am a Cyber Security Analyst for a University. 

ArchivedUser

Big fan of two-factor authentication... I fully agree.

ArchivedUser

philippt8 said:

1. Some system which send a code to your Email adress when someone logging in with an other ip adress

Trion does this with Rift.  They call it "coin locking".  You can login to the game, but you can't do anything until you enter the code sent to your account email address.

I feel this and Google Authenticator as options would be adequate.

Keyword here... options.  Make it available for those of us who want to enable it and leave those who don't alone.

ArchivedUser

  SaeyoPrayers said:

Hm If you were hacked twice, something is wrong. 
A: Your password isn't as strong as you thought. I.e. 'Frogsarespecial12' In which case, while it says it's strong, it really isn't. An example of a strong password would be something along the lines of j7e3HcP@bY%f - now this may look like some sort of hash, but it isn't. 
B: You are a victim of social engineering. "Friends" making small talk about where you were born, pet names etc. These are common security questions. While you're being friendly, be aware that some people do not play nice. Phishing is another one. You clicked on a link in an email that looked legit or something of the sort, got infested with a keylogger or something of the sort. 
C: You are using previously hacked database passwords. Most people are pretty easy. Even people who don't know each other, use similar type passwords. The most common passwords start with a capital letter and end in a digit. It isn't that difficult. Especially if you are using a password from a previously hacked list. Then all the hacker has to do is run that list. 
Your email address is the same as your username, this makes it even easier. I.e. - philippt8@yahoo.. combined with a few other above mentioned tricks, if I have access to which email you use, generally, people use the same passwords repeatedly. It's a done deal. 

The vast majority of people who 'get hacked' on games are guilty of the above mentioned. I am not saying we shouldn't have 2 factor authentication. Actually, I am for it. However, there are ways to protect yourself without it. 
Source: I am a Cyber Security Analyst for a University. 

You got me :D

I got hacked twice on the same game when I was 10 years younger. The Problem was a RAT called Bifrost which infected me when I downloaded as kid warez. I don´t know anything about it. Nowadays I more informed about these methods.

I use now KeePass to generate my passwords and they are all 25 letters long and all unique.

I want to prevent younger players from such this bad ppls, because today not everyone is a computer specialist.

We all only wanna enjoy our hobby

Sorry for my bad english:)

ArchivedUser

Children and many adults need to be taught internet safety and how to avoid hackers.   The problem is that many don't really listen and then wonder why they got hacked.  Many of my old co-workers were like this.  I have actually told them, even some relatives not to email me at all if they continued to send me jokes or other such things sent through a chain.   Many I have just deleted from my contacts.
Certain family members are not allowed even near my pc.  lol  

People tend to offer too much personal info on social media.

There are 2 young adults that on occasion I allow to play my games.  I know I can  trust both yet I put in the pw's before they enter the room and they respect this.  
My spouse is compter illiterate but a few years back I bought him a laptop.  He was hacked x2.  He is now forever calling me to the other room and asking "can I click on this?"  "come read this!"   It's a pain but it works.  lol  

You said:  "I want to prevent younger players from such this bad ppls, because today not everyone is a computer specialist.

We all only wanna enjoy our hobby 

Sorry for my bad english:)

You're right when you say not everyone is a computer specialist.  But mostly it takes awareness and common sense to stay safe.  Traits that unfortunately many adults don't even  have.  

Your English is fine btw!   

@  SaeyoPrayers speaks the truth.

ArchivedUser

philippt8 said:

Sorry for my bad english:)

There's not a thing wrong with your English.  No apology necessary.

ArchivedUser

Please please add this!!!

ArchivedUser

philippt8 said:

  SaeyoPrayers said:

Hm If you were hacked twice, something is wrong. 
A: Your password isn't as strong as you thought. I.e. 'Frogsarespecial12' In which case, while it says it's strong, it really isn't. An example of a strong password would be something along the lines of j7e3HcP@bY%f - now this may look like some sort of hash, but it isn't. 
B: You are a victim of social engineering. "Friends" making small talk about where you were born, pet names etc. These are common security questions. While you're being friendly, be aware that some people do not play nice. Phishing is another one. You clicked on a link in an email that looked legit or something of the sort, got infested with a keylogger or something of the sort. 
C: You are using previously hacked database passwords. Most people are pretty easy. Even people who don't know each other, use similar type passwords. The most common passwords start with a capital letter and end in a digit. It isn't that difficult. Especially if you are using a password from a previously hacked list. Then all the hacker has to do is run that list. 
Your email address is the same as your username, this makes it even easier. I.e. - philippt8@yahoo.. combined with a few other above mentioned tricks, if I have access to which email you use, generally, people use the same passwords repeatedly. It's a done deal. 

The vast majority of people who 'get hacked' on games are guilty of the above mentioned. I am not saying we shouldn't have 2 factor authentication. Actually, I am for it. However, there are ways to protect yourself without it. 
Source: I am a Cyber Security Analyst for a University. 

You got me :D

I got hacked twice on the same game when I was 10 years younger. The Problem was a RAT called Bifrost which infected me when I downloaded as kid warez. I don´t know anything about it. Nowadays I more informed about these methods.

I use now KeePass to generate my passwords and they are all 25 letters long and all unique.

I want to prevent younger players from such this bad ppls, because today not everyone is a computer specialist.

We all only wanna enjoy our hobby

Sorry for my bad english:)

You're English is great. Nothing wrong with it. Actually, pretty impressive considering any second language can be difficult to learn and English is one of the hardest. Good for you, I can only speak English, so you're doing much better than I. 

But yeah, I figured that's what happened. Lol very rarely does a hacker have the skill to get access any other way. Granted, if someone like me wanted in. There isn't much you can do to stop it. A lock just keeps an honest man, honest. Generally speaking though, most hackers want as many targets as they can get as fast as possible. Kind of like a robber in your neighborhood. He might go check 100 houses to see if their door is unlocked. If it is, tough luck. If they see deadbolts, security cameras, dogs and alarms. It's a bit of a deterrent. Could he still get in if he really wanted? Sure. It's much easier to just go next door to the unlocked house though. Lol

Common sense security measures will deter 95% of infiltration. 

ArchivedUser

freespiryt said:

An authentication system would be a good idea, I agree.

WoW, and SWTOR, had key chain authenticators, that generated a random numerical code, that had to inputted before being allowed to access the game.  

i would really like this method being used with AoC. plus id love to have a AoC themed key chain code generator. its all about the merch right?

ArchivedUser

Why not do what Steam does and send you an email when ever it detects you logging in from a new location? You get an email and the log in will be halted until you confirm the code in the email.

Annoying when I'm visiting friends but handy for monitoring log in attempts on your account.

ArchivedUser

I appreciate 2-factor authentication, but not everyone does.  I do hope we have the option of having it, as it does make things safer, but I don't think it should be forced on those that would rather not have to deal with it.  

ArchivedUser

philippt8 said:

Hello Folks,

this would be awsome to improve our security against hackers. Google authenticator would be enough

Greez

I've never been "hacked" in anything.
This one time someone stole some shit off my RuneScape account, but that was cos I shared my password, not hacking. 
Every other game I have been fine and an authenticator has never been needed.. Seems like extra effort for no gain.

N Phillip, who's that girl in your display picture? She is hot.

ArchivedUser

Authentication is a great idea. And for those whom do not have a cellphone, the keychain authenticator is a great tool (I have the SWTOR one) However, as previously stated, battery is an issue, so simply make it so the battery is replaceable. 

ArchivedUser

I'm all for 2 factor authentication, no real reason not to have it.  I found the cell phone app for SWTOR to work quite well.  I think SaeyoPrayers pretty much summed the rest up.

ArchivedUser

but I like my password, Ihatepasswords1 is an awesome password.