Something that Blizzard does that I think SE should look in to.

[Sardoni]

I entered my password wrong the website while registering FFVII and they locked me out by emailing me and telling me to change my password (even though I have a security token).

So as far as I know the system is already in place. The people getting hacked apparently got the password right the first time.

[Fetchquest]

This was definitely in beta. Not sure why it'd be disabled now, but it was certainly in place during phase 3.

[ntall1]

NCSoft does this as well. If a new IP address tries to access the game from your account it will prevent access until confirmation is obtained thru email. Steam does this as well. In fact... lots of services do.

[Hed]

If there is something of the sort already in place as several of you have suggested I would like to know why it didn't work in my case. I've never changed any settings on the launcher or security settings for my SE account. If it were in place and effective then myself and who knows how many others would not be having to wait for an investigation to take place.I never entered my password for SE or the game of forums on any other site.

[Gilthas]

Unless they disabled the system since the beta they already do this.

It was incredibly annoying that I had to constantly reset my password so I got the software token application instead.

[Becken]

Terra has some thing like this, if some one try's to log in from another IP, its locks it and send a code to your e-mail, you have to enter this code before you can log in

[thoughtless]

They already do this. Well, I know they send out warnings of suspicious activity and make you change your password, anyways.

They sent out an automated email stating the termination of my account two days after I discovered I was hacked. No warning. No notice of a pending investigation. No evidence against me on their part. No instructions for me to contact anyone if this termination was done in error. Just an outright lifetime ban. I had to go on this forum to find a contact number since the email did not provide any way to contact Customer Support. I never visited any unofficial FFXIV sites since I only am available to play a couple hours per week. And I am aware of security measures since the agency I work for has about a dozen or so logins per employee which expire every three weeks, and require us to contact a call center with a supervisor on the line, as we state a secret hash ID, sing the star spangled banner, and hop on one foot.

If SE put even a fraction of the effort my agency has us go through in regards to security this thread would have no reason to exist. Instead, you see legitimate players get suspended for an economy SE created while the real culprits: the bots, spammers, and hackers continue on their merry way with no course of action.

[KimimiAvesta]

In Vindictus they have a secondary pin password. The pin is required to be 6-12 characters, it is a clickable keyboard only so keylogging would be impossible, also the characters on the keyboard changes places randomly so it would prevent a bot program for the pin. There have been no reports of a hacked account in that game so far with it.

Ragnarok Online 2 has a similar system - you're required to enter a 4 digit PIN using only the mouse and the keys are always randomly placed. It's a simple thing but it seems to have been effective.

[Hed]

Unless they disabled the system since the beta they already do this.

It was incredibly annoying that I had to constantly reset my password so I got the software token application instead.

If they did tis during beta then why is it not here now? That makes little to no sense whatsoever.