Security Token shouldn't be required to sign in

[tia]

what r u talking about everyone that i know has the thing on there keys i always have it i can log in here or anywhere with my laptop so i take it everywhere

FFXIV is the same way on both game and forum sites all SE sites use the one time password to log in

its not a big deal

[Starcade]

It makes perfect sense, i hereby vote against your idea to remove token use for login.

As do I.

The Security Token is really the only thing separating you from a hacked account -- in-game and on the forums.

Even then, it might not do it all the time, but we all know that there are people out there who will gladly take what they feel is theirs (read: everything).

[GlobalVariable]

Having the forum use the exact same login as the game is in itself a security risk. Everyone without the token is made that much more vulnerable by it.

[Starcade]

With the exception, though, that the token changes numbers, I believe, every 30 seconds, reducing said risk, GV.

[Claquesous]

Now that I'm home, I can finally respond to this thread. Yes yes yes! Change this now!!!

Arguing that a concern over one's security makes someone less likely to show a modicum of restraint is about the least logical argument I've ever heard. It was also the most pathetic display of "anti-trolling" trolling I've ever seen.

Also, encouraging people to type in sensitive login information on untrusted machines is about the biggest security risk imaginable. I would never EVER login to my SE account from a public computer. However, I would be glad to use my normal forum password from anywhere.

I was pleasantly surprised that I needed my one time password to register. This is an excellent anti-spam defense. However, I was shocked when I found out I needed my one time password to login every time. For my money, this renders the forum virtually useless.

[HFX7686]

I don't take my token with me when I go to work or on holiday. I do take my laptop and read forums.

I would like to be able to sign in from multiple machines without having to use my token.

I don't want to deactivate my token off my FF11 accounts just to be able to do this.

Please change it.

[GlobalVariable]

With the exception, though, that the token changes numbers, I believe, every 30 seconds, reducing said risk, GV.

Having the forum use the exact same login as the game is in itself a security risk. Everyone without the token is made that much more vulnerable by it.

<minimum non quote text requirement here>

[Byrth]

Currently I'm on holiday. I wouldn't be able to post this if I hadn't unlinked my security token. Haven't really missed it.

They're covering themselves and making it harder to get angry at them, because once you put a security token on an account you've accepted personal responsibility for its security, while before (when we lacked the ability to keep our accounts secure) it was ambiguous. By making you go through the same security before you post (and potentially endanger your account), they insure we don't yell at them as much when we get banned.

I deactivated it. My account is less secure, but it's a lot easier to log in. Cost/Benefit. FFXI accounts aren't worth anything anymore and there's no market for them. Pirating accounts is more trouble than it's worth.

The real security issue is saving your password to this site with a deactivated security token. The SE account password/etc info must be stored in a cookie somewhere, and your character account password is stored in your insecure POL files. Anyone with access to your computer (via malware) would have both halves of the code and be able to log in without even using a keylogger.

[Wade]

Are you guys logging out every time you leave? I have been logged in since the 8th. I only had to log in on Tuesday and apparently it saved a cookie or something because whether I am at home or at work, it still has me logged in when I come back to the site. I only had to use my token the first time I logged. I am using Chrome, not sure if that has anything to do with it and that when I logged in the first time, I checked the little box to "Remember ID".

[Dantel]

i think it does that already they are one step ahead of you