One time password /sigh

**Morsmordie** · 06-19-2014 06:10 AM

Originally Posted by Souljacker

Except that this feature didn't always exist, and if it did, it wasn't communicated well because I didn't find out about it until very recently when I switched to the software token from the hardware one I got back when it was first offered in XI.

Other games handle this in a much more efficient way. If you reset your phone, you have to remove the token and reattach it. Other games have a process to just recover the token to the new device that doesn't leave you vulnerable (I realize it's a very short time, but it's a vulnerability nonetheless).

If you looked through the thread properly you would have noticed that I actually said something like this on page three. I even gave an example of other games and how they handle the recovery process of phone apps.

**Jonny_Tapas** · 06-19-2014 12:33 AM

The amount of people complaining about this is quite silly

If a large volume of people are complaining about it... There is a problem.

I do understand I made a mistake by not recording the emergency removal. This doesn't change the fact that many of us don't like the process and we'd like to see some different options.

This forum is for feedback right?

**Morsmordie** · 06-19-2014 03:48 AM

Originally Posted by Jonny_Tapas

snip

I do agree with you that the process is a little bit long winded & you do have to do a little bit more than most security options out there for games. I guess Squeenix has to improve their wording & information page when registering a token. That being said, I did a bunch of research before attaching my phone app to my account but that's just me, not everyone deals with these things the same way.

What would be a good way of dealing with the phone-app is the way the Blizzard Authenticator works. You write down two serial codes when you are registering the app to your account (the app itself gives you these codes, you don't have to do a second log-in to your account) that way if you want to restore the app, you can put those codes in and the app will display the right numbers.

**Eriatarka12** · 06-19-2014 12:44 AM

Well, if it's such a big problem you don't have to do it. But people in your situation (the ones who don't really see the point in going the extra mile for security purposes) are usually the ones who aren't great with browser security and then get their accounts stolen at some point.

So, if you want to take that risk because it's too much trouble, that's completely your right! Just don't be upset if your account gets stolen because you had options.

**Jonny_Tapas** · 06-19-2014 12:47 AM

Clearly the option is being used...

**stupiddog** · 06-19-2014 12:59 AM

Originally Posted by Jonny_Tapas

This isn't the first time this has happened, I'm pretty sure the only fix is to call SE and play 20 questions unless there's something I don't know about. Which of course is during business hours only.

I understand your frustration, however, this is really nothing against the trouble you would be going through if your account was hacked, used to spam RMT and soon after banned by SE. A quick Google search will show you at least a dozen (IMHO credible) horror stories about people who had to deal with SE in this case and it often took them MONTHS to get their accounts restored. The one-time-password provides excellent protection against this kind of trouble.

**Elway358** · 06-19-2014 01:07 AM

I've never even taken my little keyfob out of the wrapper from my CE. Being that I'm on PS4 and don't give out/use my log in info on strange sites/areas, I see it as an absolutely useless extra step that I have no desire to take.

Even the free teleport benefit is not even close to enough incentive for me to be bothered with using it.

**necrosis** · 06-19-2014 11:20 PM

Originally Posted by Elway358

I've never even taken my little keyfob out of the wrapper from my CE. Being that I'm on PS4 and don't give out/use my log in info on strange sites/areas, I see it as an absolutely useless extra step that I have no desire to take.

Even the free teleport benefit is not even close to enough incentive for me to be bothered with using it.

I love people who call extra security "useless".

**Lithera** · 06-19-2014 01:20 AM

I'm not sure what you're expecting. You failed to do what you were told and record the pass code. Putting in a way to access your account without the token would defeat the purpose. It's really a simple process to use chat support and get the token removed. I've done it myself to move from a physical token to the software one.

**Jonny_Tapas** · 06-19-2014 01:40 AM

For the record:

SE customer service was way easier to deal with than previous encounters... They have improved a lot in this area.

In defense; I asked the customer service rep: Where do I acquire this emergency removal code once I reset my one time password?

A: I'm not sure... just keep your eyes open.

Obviously people are having trouble in this area.

I also want to say... The one time password is great this is why I use it. So many are arguing... you're gona get hacked blah blah blah... This is not the problem. It's clear that the one time pass is a desired feature. The point that was missed is that...

When something goes wrong with it... we would like some different options to access our accounts. I mean honestly 24 hour chat support would be a good start.

Thread: One time password /sigh

Thread Tools

Search Thread

Display

Hybrid View