How important is the security token? Because it's annoying to use.

[mbncd]

Personally, even if I had absolute confidence in the security of my account (I'm careful but not naive or arrogant enough to ever say about anything "it could never happen to me"), I'd still use the OTP for the free teleports. I use them several times every day.

If I'm in Grid or Uldah and want to get back to Limsa (my free tele point), I use the free tele. If I'm out in the field and want to get to any of the cities cheaply and quickly, I tele to Limsa and then airship if needed. Even if I'm in Limsa but not near an aethernet shard (like at the ARM/BSM guild or out near what used to be the MRD guild ship), I use the free tele to easily access the aethernet and get around town. Easy, fast, free access to everything I need and it's made me lazy but I love it <3 OTP user for life! For the record though, I've been using my token since Sept 2010 and I do strongly advocate the security of the system so long as you don't digitally store "spare" numbers (as some people do to deactivate their token without using the deactivation code) or the deactivation code itself on your computer or other digital devices. Once people store those numbers on the computer, it defeats the purpose.

[DragonFlyy]

Typical scenario: Account gets stolen by third party. Third party uses high level character to bot for gil. Sells gil and makes money. The key here, they didn't pay for the game or time required. They just used your account. It has happened and is happening. If you don't want the authenticator, that is your choice. However, if you account is compromised, don't blame anyone but yourself for lack of security. Oh and yes, a Macintosh can have spy ware. It's just as common as Windows machines (and even Linux machines). The reason they don't steal your bank info? That's a federal case, stealing an online video game account is pretty worthless to the police.

[Saziel]

Put the token with your keys? I always end up with mine in my pocket as a result. I hate authenticators on phones for a couple of reasons.

First: Your phone is already a high-value item that is prone to theft. Why would you want to add to that value?
Second: There is a likelihood of your phone having to be factory reset, or the app removed in some form or another down the line which invalidates the sync.

The first part, sure, but the second part is easily solved when you initially set it up and write down your emergency removal code.

[Legacy_Wolfwood]

didnt read every post in the thread, but correct me if i'm wrong...

for the sony ps3/ps4 user FF14 accounts, aren't they linked to the specific PSN account?

So to use your ff14 account, you have to also be logged into the correct psn account correct?

If that is true, then the hackers would have to get your PSN info as well as your FF14 info...

Pretty good double security lol then you add a token on top of that for 3 layers of login.

[mbncd]

One other thing I want to mention is that someone not using an OTP doesn't only risk their account. If you have access to the FC chest, someone compromising your account compromises the gil and items others have stored there. Likewise, someone could pretend to be you and approach people on friends lists, in your LS'es and in your FC to procure gil/money as "loans" and the like. They could even get innocent people trafficking their illegally gained gil or items (everyone's aware of the problems with getting items/gil to alternate characters on the same account so many are willing to help friends with that without realising it jeopardises themselves if that friend isn't who they seem).

[Freyar]

Unlikely. An account with a pre-leveled and pre-geared character is valuable for resale, and RMT shout-bots are banned generally within hours. A compromised account would be stripped of valuables and sold to folks looking to join the game already set for endgame; if it was used to shout for RMT, it'd quickly be banned and become worthless. Shout-bots are level 1 characters that are mass-generated to keep up with the bans, not compromised accounts.

They won't resell the accounts, but they'll certainly strip what they can, THEN start shouting (as well as creating any other shout-bot characters they can on the account.)

[Rhas]

Yep, I would completely trust Sony, they have such a reputation for maintaining the security of the PSN, and would never let the data for millions of accounts with personal information and credit card details be hackackachBWAHAHAHAHAHA AHAHAHA AHAAAHAAA .

You know XB Live has been hacked many times too. It isn't just Sony and PSN. They are all vulnerable.

[necrosis]

LOL. Sorry but extra security is annoying? I wish MORE things had a two factor option.

[kidvideo]

LOL. Sorry but extra security is annoying? I wish MORE things had a two factor option.

PS4/3 users have 3 factors. PSN account, SE account, token.

[Zaels]

Very important. Unless you're naive enough to think being hacked is something that can't happen to you.