I am in Aust , I have the software token / one time pad for mobile.Because not everyone else can access those, as we're not from the US/EU?
I am in Aust , I have the software token / one time pad for mobile.Because not everyone else can access those, as we're not from the US/EU?
This attack is a pretty simple one. It's just plugging in details scraped from other hacks and leaks over the years.
If you use a password manager, and don't reuse your passwords you are as safe as you ever are.
やはり、お前は……笑顔が……イイ
Keep in mind, the picture below is what the REAL log in to the Lodestone looks like https://na.finalfantasyxiv.com/lodestone/
FAKE SITES will have jibberish letters like .xya inserted and the OTP on the same page as your name login and password.
Holy tabs Batman!!
"You are just going to give me one of those stoic nods aren't you?"
WOL = Nods
(one of my favorite moments)
PerhapsIf you use a password manager, and don't reuse your passwords you are as safe as you ever are.
Better safe than sorry later, Shibi. Password security is a big deal.
Using OTP with FFXIV login is painful, bad enough you need to enter password every time, but OTP also. There's a thing called OAuth that issues security tokens once you pass all authentication checks so you don't need to provide this stuff every time, apparently Blizzard can implement this but not SE. Cumbersome login processes always forces bad security habits by users.
Convenience and security are ever on opposite sides of a spectrum.Using OTP with FFXIV login is painful, bad enough you need to enter password every time, but OTP also. There's a thing called OAuth that issues security tokens once you pass all authentication checks so you don't need to provide this stuff every time, apparently Blizzard can implement this but not SE. Cumbersome login processes always forces bad security habits by users.
No they aren't, OAuth is easily fixes this, this isn't host based security, doubt you have a clue about IAM systems, so not surprised you would say something that naive.
Lots of banks and other institutions use that same technology to ease logins, even Office 365 does, even Blizzard, so you're just making excuses for SE spending poorly on security because you lack knowledge of how it works.
Last edited by Aurikai; 10-08-2022 at 11:15 AM.
My guy, I merely stated a pretty standard security adage which holds true almost no matter what. It's why "layered defenses" are better no matter what kind of system you're trying to create. No need to get hostile.
"No authorization or authentication standard is guaranteed to protect your information. If your information is available online, it’s susceptible to being stolen. If hackers breach a server of any service that you use, they could potentially take your login information or personal information, like name, address, and credit card information. [...] What makes OAuth great is that it restricts how many third-parties know your passwords. No, that doesn’t mean your personal information is 100% safe. But, by reducing how many entities have your passwords, you’ll lessen the chance that your passwords will get compromised."
No you stated a blanket statement that had nothing to do with the topic at hand, which was OAuth would make it easier for users to login. Saying nothing is 100% secure is like saying you should never drive or fly because cars aren't 100% safe, it's pointless thinking and completely dismissive. You can make excuses for SE not implementing that technology all you want, nothing you've said has provided any relevant counter arguments for why they shouldn't.My guy, I merely stated a pretty standard security adage which holds true almost no matter what. It's why "layered defenses" are better no matter what kind of system you're trying to create. No need to get hostile.
"No authorization or authentication standard is guaranteed to protect your information. If your information is available online, it’s susceptible to being stolen. If hackers breach a server of any service that you use, they could potentially take your login information or personal information, like name, address, and credit card information. [...] What makes OAuth great is that it restricts how many third-parties know your passwords. No, that doesn’t mean your personal information is 100% safe. But, by reducing how many entities have your passwords, you’ll lessen the chance that your passwords will get compromised."
|
![]() |
![]() |
![]() |
|
Cookie Policy
This website uses cookies. If you do not wish us to set cookies on your device, please do not use the website. Please read the Square Enix cookies policy for more information. Your use of the website is also subject to the terms in the Square Enix website terms of use and privacy policy and by using the website you are accepting those terms. The Square Enix terms of use, privacy policy and cookies policy can also be found through links at the bottom of the page.