USB Security Token

[wildsprite]

the $9.99 every few years is trivial, I totally agree with that statement, so you spend what? an extra $9.99 every 5 or so years, big deal

as far as I know the USB security tokens out there today, most of them are not flashable, but I could be wrong on that part, it would be pretty stupid to make them flashable really

as for vulnerability, they would need to figure out the algorithm of your token, and the exact time code its on, yeah they could get the one time password you just typed in, but the chance they will use it in the 30 second time alloted? not likely

second, the point of the token is simple, hackers go after the easiest target(I.E. the person without the token will get hit first)

so yeah while they might try to get your account, most will realize you have the token and find another target to hack, cause to them time is money, and they want to do the most damage in the shortest amount of time, so the likelyhood they will go after you if you have the token isn't very high

[Atomic_Skull]

as for vulnerability, they would need to figure out the algorithm of your token,

The algorithm is already known, it uses either DES 3DES or AES depending on the customer's (Square Enix in this case) preference, though idk why you would use anything other than AES. Good encryption doesn't rely on keeping the algorithm secret to ensure security, it relies on being mathematically difficult to break. Also unlike something like a Blu-ray disk (which has encrypted data that has to work with multiple devices and therefor has to use a single common key) they can use a unique key for each token so even if someone were to mount a brute force attack on one they would only get the key for that individual token, and this would take years to decades anyway.