One time password Authenticator - Mobile App?

[Arcell]

Okay so there might be some security risks if people are stupid and don't know how to adequately protect their account info. Does that mean the rest of us shouldn't enjoy some convenience because of the stupid people out there? There is an inherent risk in everything and you can't fix stupid.

In games where I never had the option of an authenticator none of my accounts were ever hacked. Why? Because I'm not stupid. I never gave out my account info to any program, I never followed any e-mail links to phishing sites, I never gave my account info to apps.

Also I would imagine if SE made a mobile authenticator app, they would take measures to remedy these issues should they arise. Nothing is unhackable, nothing is entirely foolproof, nothing is 100% secure. Let those of us who aren't idiots make use of the convenience of such an app.

[Delsus]

"Available" is not the same as "in use."



Most people just click through the default settings.



Super Happy Awesome Funtime XIV app will use your own character for the hourly /panic dance show if you just give it your login info! Be the first kid on your block!

Sure, such a phone app is (probably) better than nothing (for now). But it cannot and will never be as secure as something you'd need a screwdriver and soldering iron to get inside of.

Oh Oh I know what if Super Happy Funtime XIV has access to GPS and some RMT guys come to your house and steal your authenticater and beats your user id and pass out of you, seems like the key fob isn't as secure as you think with that app.

[Impulse]

Okay so there might be some security risks if people are stupid and don't know how to adequately protect their account info. Does that mean the rest of us shouldn't enjoy some convenience because of the stupid people out there? There is an inherent risk in everything and you can't fix stupid.

In games where I never had the option of an authenticator none of my accounts were ever hacked. Why? Because I'm not stupid. I never gave out my account info to any program, I never followed any e-mail links to phishing sites, I never gave my account info to apps.

Also I would imagine if SE made a mobile authenticator app, they would take measures to remedy these issues should they arise. Nothing is unhackable, nothing is entirely foolproof, nothing is 100% secure. Let those of us who aren't idiots make use of the convenience of such an app.

Exactly. I never even had a security token attached to my account until I picked up my XIV CE. Seeing as I played XI since PS2 launch up to that point without ever being hacked (or ever been hacked into in general on any service), it's pretty safe to assume that the issue exists between the monitor and chair. TV and couch if you roll that way.

[Delsus]

Exactly. I never even had a security token attached to my account until I picked up my XIV CE. Seeing as I played XI since PS2 launch up to that point without ever being hacked (or ever been hacked into in general on any service), it's pretty safe to assume that the issue exists between the monitor and chair. TV and couch if you roll that way.

Exactly, these biological malfuctions in PCs are so annoying, why do you think alot of things with PCs are automated? how many people would manually update antivirus definitions, actually how many people know that goes on in the background?

[Lollerblades]

^
I'd wager to day not many - As they say ignorance is bliss

[Jinko]

If a person is stupid enough to give away their login details like that, I'd say let virtual Darwinism take its course.

You now there are these viruses called key loggers that will copy and send information over the internet based on the buttons you press.

Darwinism indeed, I though you would know about such things with such mighty intellect.

[Delsus]

You now there are these viruses called key loggers that will copy and send information over the internet based on the buttons you press.

Darwinism indeed, I though you would know about such things with such mighty intellect.

Thats what anti-malware is for, and a little bit of common sense, I have never had a keylogger on my laptop, or any virus infact although I use lets say high risk software (not FFXIV related) because I have common sense about where I download from.

[Ziyyigo-Tipyigo]

Yeah anyone who would do that deserve to be hacked, absolutely anyone, they would know that little about computers they would struggle to install ffxiv never mind play it.

OK, then you, personally, don't fall for it. But enough people will that the game economy will crash and playing XIV will feel like XI before the Special Task Force, thus ruining your gaming experience regardless of your savvy.

People fall for these ruses all the time. Attackers keep doing it because it keeps working spectacularly, and the rewards always far outweigh the effort. S-E had to implement the Special Task Force and push these security fobs on us because far too many people weren't as secure as they thought they were. And, if given half a chance, the RMTs will do their best to make it happen all over again. Going from a security measure that is completely out-of-band to one that is more connected is a step in the wrong direction.

Just because you haven't heard a peep from the Cylons for a few decades doesn't mean it's OK to let the leggy blonde have access to the mainframe.

And if you really are a super-1337 hax0r posting from behind 7 proxies who doesn't have to worry about these risks, why are you even using the token to begin with? It's not mandatory.

[Seirra_Lanzce]

wtf is wrong with you guys, if you do not want it, dont use it. geez! I feel more safer with more security, and those that has problem is due to you keep hacking ur own phone, that y it always spoiled! >:O

[Delsus]

OK, then you, personally, don't fall for it. But enough people will that the game economy will crash and playing XIV will feel like XI before the Special Task Force, thus ruining your gaming experience regardless of your savvy.

People fall for these ruses all the time. Attackers keep doing it because it keeps working spectacularly, and the rewards always far outweigh the effort. S-E had to implement the Special Task Force and push these security fobs on us because far too many people weren't as secure as they thought they were. And, if given half a chance, the RMTs will do their best to make it happen all over again. Going from a security measure that is completely out-of-band to one that is more connected is a step in the wrong direction.

Just because you haven't heard a peep from the Cylons for a few decades doesn't mean it's OK to let the leggy blonde have access to the mainframe.

And if you really are a super-1337 hax0r posting from behind 7 proxies who doesn't have to worry about these risks, why are you even using the token to begin with? It's not mandatory.

It works on uneducated people, at school I hardly learned about the possible attacks on PCs, I am interested in computers so I researched them myself, people who haven't learned about them fall for it, but I believe this type of education is standard in schools now because of the risk in it all.

The main people to fall for this sort of "ohai gimme your login details" emails is pentioners, because they are for the most part completly un-educated, the main way of getting login information is because people download programs which contain keyloggers, the standard phishing is going down because people are not falling for it as much as they used to.

Normal common sense and anti-malware are gradually winning and hackers are forced to revert to other methods.

And I don't hide behind 7 proxies, I have anti-virus, anti-spyware and a software firewall, when I get the money I may get a decent hardware firewall as well, but not right now.

I am educated I know what the risks are and I try to prevent those risks, as of today I have never had a security breach on my laptop or phone and hopefully I never will, if I do I will get rid of it as soon as its detected.