locking your character if your account is accessed from different IP and preventing anyone from deleting any items you have - deleting characters - locking trading - binds the characters in place and you can unlock your account again by clicking on secure token icon in game and typing in the numbers that show in your token

Nice idea...may involve too much effort to implement the extra layer for them to consider it though. IDK.. guess it all depends on how their system is structured I guess. You could also run into issues with people having dynamic IP's. Once a month, once every 6 months--however often an ISP chooses to renew the lease on an IP. It could create a support bottleneck with users calling in to reset the IP lock on their characters because their IP reset.

When they first announced the security token, I was hoping it was going to be like a USB (or maybe even a software) device that generated a key that synched all the time--but I guess someone could eventually find a way to crack that system and read the codes and still hack your account. nothing is perftect I guess.

I'm still confused why they think my account is extra secured by using the SE account password over my POL account password. In either case it is just one, and I preferred my old POL account that was in memory (not that safe) because I could log in faster than to stop and think "Which password did I use for this again?".

lol. i use the same passwords for everything.

locking your character if your account is accessed from different IP and preventing anyone from deleting any items you have - deleting characters - locking trading - binds the characters in place and you can unlock your account again by clicking on secure token icon in game and typing in the numbers that show in your token

They lock your character if too many logins fail from a different ip then usual. then SE ask's for a copy of your passport/birth certificate, address, phone number AND pol code you used to create your account. Prior to this they change your password with not so much as an email to tell you... go figure.

I'm still confused why they think my account is extra secured by using the SE account password over my POL account password. In either case it is just one, and I preferred my old POL account that was in memory (not that safe) because I could log in faster than to stop and think "Which password did I use for this again?".

The SE account was put in there for use of the token I think--you are logging into a different server first (using the SE password and the Token's code), then going to the POL server (the SE account saves your POL password, if I remember right...been too long since I set mine up). So, if you aren't using the token, you essentially just made it a static double password system, where one password is saved which is the same security as before...I think.
Sometimes companies like to limit the entry vector as much as possible. I guess by having everyone use SE sign-in, they just need to look at that system when someone is having issues, rather then going the additional step of determining which system is used to manage the security.