Affiche les résultats de 1 à 10 sur 11

Vue hybride

  1. #1
    Player
    Avatar de JamuManis
    Inscrit
    aot 2013
    Messages
    8
    Character
    Tokine Sumimura
    World
    Tonberry
    Main Class
    Occultiste Lv 50

    Please recommend OTP software

    Hello im using android. and when i goggle i saw many ppl complaint about one time password. is anyone can recommend a good otp software? i read goggle authenticator is good enough. can i use it for ff14? please need help. thank you guys
    (0)

  2. #2
    Player
    Avatar de LordSideKicks
    Inscrit
    aot 2013
    Lieu
    Limsa Lominsa
    Messages
    405
    Character
    J'ordance Nunh
    World
    Behemoth
    Main Class
    Maraudeur Lv 50
    Citation Envoyé par JamuManis Voir le message
    Hello im using android. and when i goggle i saw many ppl complaint about one time password. is anyone can recommend a good otp software? i read goggle authenticator is good enough. can i use it for ff14? please need help. thank you guys
    Using it for almost a month. No issues. Those giving it down votes may be hackers. Reason it is obvious.
    (1)

  3. #3
    Player
    Avatar de Rivienne
    Inscrit
    aot 2013
    Messages
    347
    Character
    Rivienne Bertouaint
    World
    Behemoth
    Main Class
    Élémentaliste Lv 36
    Citation Envoyé par JamuManis Voir le message
    Hello im using android. and when i goggle i saw many ppl complaint about one time password. is anyone can recommend a good otp software? i read goggle authenticator is good enough. can i use it for ff14? please need help. thank you guys
    You do not need a third party tool. SE has a specific app for Android and iPhone to provide the one-time password. It is in the app store for both as, I believe, "Square Enix Software Token".

    Citation Envoyé par ispano Voir le message
    The problem that people encounter with the Android/iOS Token Apps is that someone could still gain control of your phone and figure out your token serial and such and take your account that way. With a physical token, they would need to go to greater lengths.
    Citation Envoyé par DoctorPepper Voir le message
    That really makes no logical sense.. Somebody could just as easily steal my one time password token. In fact, considering you cannot set an emergency password for the physical token, I would almost say you're even less safe.
    Citation Envoyé par ispano Voir le message
    I didn't say physical access to the phone, i'm talking about it being compromised over the internet. I mean, many people root/jailbreak their phones without knowing the potential consequences. You can't compromise a physical token over the internet. Sure you can set up a man in the middle attack and such, but that takes more work. So, yes, it makes perfect logical sense.
    Technically she is correct. There are many phone compromises that would allow for the software app to be potentially bypassed. That said, the software token is still more secure than not having any at all, as it adds a secondary time-based authentication factor beyond the static name and password.

    It can be hacked. Never doubt it. The question in security is never "can" but "is it worth it". As of right now, I would say the answer to this question is no in this case. It is definitely worth it to hack account information in general as it can be used for data mining in general and hacking multiple websites. But as of right now I would say it is not worth it to target specific peoples phones for the off chance of getting a password that must be used in 60 seconds of capture.

    So while the security token is absolutely without a doubt more secure than the software token, I do not believe that at this time there is any evidence that the additional security it provides is substantial enough to be necessary for those who do not have one, but do have the ability to use a software token.
    (2)
    Dernière modification de Rivienne, 01/10/2013 à 01h12 Raison: Out of posts.

  4. #4
    Player
    Avatar de ispano
    Inscrit
    octobre 2011
    Messages
    2 753
    Character
    Melfina Amastacia
    World
    Excalibur
    Main Class
    Maître d'hast Lv 60
    The problem that people encounter with the Android/iOS Token Apps is that someone could still gain control of your phone and figure out your token serial and such and take your account that way. With a physical token, they would need to go to greater lengths.
    (0)

  5. #5
    Player
    Avatar de DoctorPepper
    Inscrit
    aot 2013
    Lieu
    Limsa Lominza
    Messages
    922
    Character
    Doctor Pepper
    World
    Cactuar
    Main Class
    Samurai Lv 70
    Citation Envoyé par ispano Voir le message
    The problem that people encounter with the Android/iOS Token Apps is that someone could still gain control of your phone and figure out your token serial and such and take your account that way. With a physical token, they would need to go to greater lengths.
    That really makes no logical sense.. Somebody could just as easily steal my one time password token. In fact, considering you cannot set an emergency password for the physical token, I would almost say you're even less safe.
    (0)

  6. #6
    Player
    Avatar de ispano
    Inscrit
    octobre 2011
    Messages
    2 753
    Character
    Melfina Amastacia
    World
    Excalibur
    Main Class
    Maître d'hast Lv 60
    Citation Envoyé par DoctorPepper Voir le message
    That really makes no logical sense.. Somebody could just as easily steal my one time password token. In fact, considering you cannot set an emergency password for the physical token, I would almost say you're even less safe.
    I didn't say physical access to the phone, i'm talking about it being compromised over the internet. I mean, many people root/jailbreak their phones without knowing the potential consequences. You can't compromise a physical token over the internet. Sure you can set up a man in the middle attack and such, but that takes more work. So, yes, it makes perfect logical sense.
    (1)

  7. #7
    Player
    Avatar de Yoohre_WildRiver
    Inscrit
    avril 2011
    Messages
    758
    Character
    Yoohree Reborn
    World
    Zalera
    Main Class
    Cuisinier Lv 70
    Citation Envoyé par ispano Voir le message
    I didn't say physical access to the phone, i'm talking about it being compromised over the internet. I mean, many people root/jailbreak their phones without knowing the potential consequences. You can't compromise a physical token over the internet. Sure you can set up a man in the middle attack and such, but that takes more work. So, yes, it makes perfect logical sense.
    by simple setting your SU restrictions to prompt and not granting SU to everything you install should take care of any malware trying to hijack the OTG digits textfield
    (0)
    HeavensWard theme song lyrics:

    - "We can [Stance]dance if we want to
    We can leave your friends behind
    Cause your friends don't [Stance]dance
    And if they don't [Stance]dance
    Well they're no friends of mine"

  8. #8
    Player
    Avatar de ispano
    Inscrit
    octobre 2011
    Messages
    2 753
    Character
    Melfina Amastacia
    World
    Excalibur
    Main Class
    Maître d'hast Lv 60
    Citation Envoyé par Yoohre_WildRiver Voir le message
    by simple setting your SU restrictions to prompt and not granting SU to everything you install should take care of any malware trying to hijack the OTG digits textfield
    Has nothing to do with what I was speaking of. Just because you CAN make it more secure, doesn't mean people do. Or even know how to or such. The point was the phone is usually connected to the internet, the physical token is not, ever.
    (0)

  9. #9
    Player
    Avatar de Ryios
    Inscrit
    aot 2013
    Lieu
    VA
    Messages
    1 055
    Character
    Ryios Locke
    World
    Coeurl
    Main Class
    Gladiateur Lv 68
    Or you can have Square Mail you the actual RSA Token, I keep it on my keychain. You don't have to have the app to use it. I've had it since 1.0 and it still works.
    (0)

  10. #10
    Player
    Avatar de Krimzin
    Inscrit
    aot 2013
    Messages
    43
    Character
    Krimzin Rage
    World
    Leviathan
    Main Class
    Maître d'hast Lv 50
    I currently use a program called Bluestacks. Its in beta but works well. It is an Android Emulator.
    That way I know if I lose my phone or whatever, I have the ability to get the OTP.
    (0)
    Just because Im a Gamer, doesn't mean I drive a Honda
    www.ContentionXIV.com