That why they give you a emergency removal code so you can remove it if needed.Quote:
Originally Posted by nuyu11
Password Reset Security Flaw
Printable View
-
04-16-2015, 01:56 PMLexia
-
04-16-2015, 01:58 PMmbncdThey said a lot of people don't have one, but they also said a lot of people won't use any kind of OTP because it's a hassle. It's unclear exactly what they have or what they're willing to do.Quote:
Originally Posted by Lexia
I would not however recommend buying a dongle token over getting any smart phone or iphone released in the last 10 years, for the simple fact that they can easily get one of the latter from a friend or family member for free when they upgrade to a more recent phone, and a phone is more universally useful and harder to lose. (I can't count the number of times I've spent an hour looking for something that fell behind a cupboard or something and wishing I could simply call it to find it...) -
04-16-2015, 02:06 PMLexiaI used a physical for long time from when the released in back in 2009 had it attached to my keyring there was no losing that without losing all my keys, leaving it on your desk is like what person below saidQuote:
Originally Posted by mbncd
Quote:
Originally Posted by Rendecrow
-
04-16-2015, 07:02 PMUltimateAoe2
If you indeed lose your phone, you are able to remove the One-Time thingy on your account.
You just require to give exact information regarding the account in question. I've done this before since I restored my iPhone since it was bricked from a update. Derpy me. -
04-16-2015, 07:08 PMJamein
People are throwing out the term hacked a lot, amusingly enough they don't get your passwords by 'hacking' you. 90% of the time people are stupid enough to click those emails that direct you to www.ffxiv.sqaureplexnix.com or whatever and go dump their username and PW into the boxes.
Protect your password.
Be careful what you do and the site you're on.
Don't go opening up every website link on every email.
Use a token for added security.
There is a perfectly safe system in place, if you fail to use it correctly, well then god help you.
Although on that note, SE SHOULD send you an email everytime your password is changed. Most companies do this. -
04-16-2015, 07:22 PMtocsinim afraid to click that link. where does it go?Quote:
Originally Posted by Jamein
-
04-16-2015, 07:41 PMJameinI made it up :P it's perfectly safe, just an error server not found.Quote:
Originally Posted by tocsin
-
04-16-2015, 08:48 PMmbncdAll great advice but I just want to add one more:Quote:
Originally Posted by Jamein
Use different login details for every site.
If one is compromised, you don't want them all to be. As a teenager, I failed to consider that and when my single password for all sites was used on one that turned out to not be so safe, they went through a lot of the sites I was a member of very, very quickly. I learned that lesson very quickly and have not repeated that mistake in the last 15 years but sooo many people still do... -
04-16-2015, 09:26 PMTiggyYou're given a recovery code that you write down for those moments. It specifically is used to remove the authenticator for moments like that. There's really no good excuse not to protect your account.Quote:
Originally Posted by nuyu11
-
04-16-2015, 10:50 PMJimboTCB
I just can't get the software token to register right, I've tried half a dozen times and even gone via the support desk to confirm my personal details on my account are correct, the damn thing just refuses to work.
Keep meaning to get a hardware token, I've had one on my WOW account for years even though I don't play any more, and for me it's much more convenient than a soft token.