Concerning the Software Token for the Smartphone.



Krashport
05-06-2013, 01:21 PM
Could we also have the Token App (http://www.square-enix.com/na/account/otp/token.html) instead of the Security Token (http://www.square-enix.com/na/account/otp/index.html) for Windows on the PC and not just the Smartphone?

Alhanelem
05-06-2013, 03:21 PM
Not very likely - the smartphone is a lot more secure than Windows. No other game does this either, that I'm aware of.

Part of what makes the token and app more effective is they are not in any way inside/part of/attached to the computer you're playing / inputting your password on and thus not susceptible to whatever security vulnerabilities might be on your Windows PC.

JouriStarz
05-06-2013, 07:22 PM
Is it possible to have the app on multiple devices but registered to just one account?

Alhanelem
05-07-2013, 12:27 AM
Is it possible to have the app on multiple devices but registered to just one account?

I don't think so, my understanding is it's tied to the device you use - which is why if you reformat it, delete the app, etc., you need to use the recovery password to remove the app from your account.

Krashport
05-07-2013, 01:50 AM
Not very likely - the smartphone is a lot more secure than Windows. No other game does this either, that I'm aware of.

Part of what makes the token and app more effective is they are not in any way inside/part of/attached to the computer you're playing / inputting your password on and thus not susceptible to whatever security vulnerabilities might be on your Windows PC.

Wouldn't it be possible if we could install the App on a USB flash drive, then run App from there, that way we wouldn't have to call up SE if/when the Security Token dies. Could just download user App info from S.E.A.M.

Edit: (S.E.A.M. - Square Enix Account Manager)

Alhanelem
05-07-2013, 02:10 AM
Wouldn't it be possible if we could install the App on a USB flash drive, then run App from there, that way we wouldn't have to call up SE if/when the Security Token dies. Could just download user App info from S.E.A.M.

Edit: (S.E.A.M. - Square Enix Account Manager)

A USB drive attached to your computer is no better than running it anywhere else on your computer. There is literally no difference other than "The USB device is a lot slower."

As I explained, the fact the token and phone app are completely isolated from the PC you're entering your credentials on is part of what helps to improve security - this drastically reduces vulnerability of the token password to various forms of attack.

Thegreatmonkey
05-08-2013, 11:32 AM
The phone is just as vulnerable to attacks as your PC. The only "security" you really get is that you are running it on another OS that is not running FFXI on it.

You could also try running the phone app in the android VM to see if it will work.

Alhanelem
05-08-2013, 12:24 PM
The phone is just as vulnerable to attacks as your PC. The only "security" you really get is that you are running it on another OS that is not running FFXI on it.

You could also try running the phone app in the android VM to see if it will work.

Your phone is not anywhere near as vulnerable to security threats as Windows. The only thing it's majorly vulnerable to is man in the middle (e.g. you dropped/lost your phone and someone finds it and uses the password).

Android/iOS apps are sandboxed and it is extremely difficult for any outside process to influence them. They are, therefore, nearly as secure as the stand-alone token, and far, far, far more secure than the average Windows PC is.

I was even on your side at one time, arguing the phone app is less secure, but was very decidedly proven wrong. Yes, I admit I was wrong about something, so call the hate Al police.

Thegreatmonkey
05-09-2013, 03:58 AM
Your phone is not anywhere near as vulnerable to security threats as Windows. The only thing it's majorly vulnerable to is man in the middle (e.g. you dropped/lost your phone and someone finds it and uses the password).

Android/iOS apps are sandboxed and it is extremely difficult for any outside process to influence them. They are, therefore, nearly as secure as the stand-alone token, and far, far, far more secure than the average Windows PC is.

I was even on your side at one time, arguing the phone app is less secure, but was very decidedly proven wrong. Yes, I admit I was wrong about something, so call the hate Al police.

That's the same argument people say about Macintosh. Macintosh is just the same as Windows, hackers are not going after them because not a lot of people use a Macintosh. Yes, right now there are not a lot of viruses for smart phones, but that is increasing as more and more people start to use smart phones.

Alhanelem
05-09-2013, 08:34 AM
That's the same argument people say about Macintosh. Macintosh is just the same as Windows, hackers are not going after them because not a lot of people use a Macintosh. Yes, right now there are not a lot of viruses for smart phones, but that is increasing as more and more people start to use smart phones.

No, it's not just a popularity thing. Smart phones are more limited in certain ways in what you can do with them, but these limitations also make them less vulnerable to attacks. There is also usually less to gain from attacking someone's phone, because there is generally less data stored on them. Attacking smartphones is not as easy as attacking a Windows PC - script kiddies and creators of malicious software generally take the path of least resistance. Why waste more time hacking something that's less likely to prove useful to the attacker when they can more easily get into something that's more likely to be a treasure trove of stealable information?

Also being that phones and other small devices are easily lost / stolen, it is much, much more common (and much easier) to steal someone's actual phone and break into it directly, rather than trying to attack it remotely. And this type of attack, known as "man in the middle," works equally with both the phone app and the physical token.

Thegreatmonkey
05-09-2013, 09:28 AM
No, it's not just a popularity thing. Smart phones are more limited in certain ways in what you can do with them, but these limitations also make them less vulnerable to attacks. There is also usually less to gain from attacking someone's phone, because there is generally less data stored on them. Attacking smartphones is not as easy as attacking a Windows PC - script kiddies and creators of malicious software generally take the path of least resistance. Why waste more time hacking something that's less likely to prove useful to the attacker when they can more easily get into something that's more likely to be a treasure trove of stealable information?

Windows computers are attacked a lot more because Windows is on like 95% of the computers around the world, making them more profitable to attackers. I will agree that Windows makes it easy for attackers, but let's switch it up. Let's say Macintosh was run on most of the computers around the world vs Windows only having say 10%. Who do you think hackers would go after, Windows or Macintosh? Answer: Macintosh, because it would be more of a profit to the attackers.



Also being that phones and other small devices are easily lost / stolen, it is much, much more common (and much easier) to steal someone's actual phone and break into it directly, rather than trying to attack it remotely. And this type of attack, known as "man in the middle," works equally with both the phone app and the physical token.

Man in the middle attack is a form of active eavesdropping in which the attacker makes independent connections with the victims and relays messages between them, making them believe that they are talking directly to each other over a private connection, when in fact the entire conversation is controlled by the attacker.
MITM Attack (http://en.wikipedia.org/wiki/Man-in-the-middle_attack)

Man in the middle attack does not involve the attacker stealing the device itself.

Alhanelem
05-09-2013, 12:53 PM
Windows computers are attacked a lot more because Windows is on like 95% of the computers around the world, making them more profitable to attackers. I will agree that Windows makes it easy for attackers, but let's switch it up. Let's say Macintosh was run on most of the computers around the world vs Windows only having say 10%. Who do you think hackers would go after, Windows or Macintosh?

Popularity is one factor, but it's not the only factor. Windows is genuinely much easier to attack remotely than iOS or Android or any other desktop OS.


http://en.wikipedia.org/wiki/Security_token

I was reading here and misread the meaning of MITM, which refers to theft of the PW in transit upon entering it, rather than stealing the generated password from the token/app itself.

Thegreatmonkey
05-10-2013, 02:54 AM
Popularity is one factor, but it's not the only factor. Windows is genuinely much easier to attack remotely than iOS or Android or any other desktop OS.

Population is the main factor. Windows is really only easier because out of the box, everything is unlocked. Most people will not take the time to lock down their system after getting a new one or reinstalling Windows. I'm not saying Windows is the best OS for security but if people took the time or had someone look at it to lock down the system, they would be more safe when using the Internet. Of course that also would giving them a basic understanding of how to browse the Internet safely.

JackDaniels
05-10-2013, 02:59 AM
Android emulator http://developer.android.com/tools/help/emulator.html

Alhanelem
05-10-2013, 05:07 AM
Population is the main factor. Windows is really only easier because out of the box, everything is unlocked. Most people will not take the time to lock down their system after getting a new one or reinstalling Windows. I'm not saying Windows is the best OS for security but if people took the time or had someone look at it to lock down the system, they would be more safe when using the Internet. Of course that also would giving them a basic understanding of how to browse the Internet safely.

Most people don't like security because they see it as an inconvenience, that's why people don't do it, and when what security Windows does have out of the box annoys them (UAC) people turn it off. So yes, Windows can be made more secure, but the vast majority of people do not, thereby making their phone almost guaranteed to be more secure out of the box and without any effort on the user's part.

Keeping your security device separate from your PC decreases the risk of said security device being compromised.

But really, the real reason this thread exists is someone doesn't have a phone and is too cheap to drop $10 on a security token (and probably just wants the mog satchel and not the extra security)

Thegreatmonkey
05-10-2013, 05:22 AM
Most people don't like security because they see it as an inconvenience, that's why people don't do it, and when what security Windows does have out of the box annoys them (UAC) people turn it off. So yes, Windows can be made more secure, but the vast majority of people do not, thereby making their phone almost guaranteed to be more secure out of the box and without any effort on the user's part.

Well, the UAC does give some protection and the way MS implemented it is sloppy. They should have just copied the way Linux does it... 95% of what Windows is has been copied from other people. As for making Windows more secure, I was talking about disabling unneeded services, like telnet.


Keeping your security device separate from your PC decreases the risk of said security device being compromised.

Yes, the only real security you get is the fact that FFXI is not being run on the same system as the software token.


But really, the real reason this thread exists is someone doesn't have a phone and is too cheap to drop $10 on a security token (and probably just wants the mog satchel and not the extra security)

LOL, I agree with that. I for one like the Token, however I have some friends who do not like it and have already disabled it.

Krashport
09-24-2013, 02:37 AM
It begins... Software token please check it!
hacked iPhone (http://news.yahoo.com/german-group-claims-hacked-apple-iphone-fingerprint-scanner-023223193--finance.html)