Safe login devices for security tokens

[Fallibehealer]

Hi! I was wondering if there's any plans on making players able to choose safe devices to log in from? Having to login using 2-step authenticator every single session both on Mogstation, the forum or the game itself gets rather tedious very quickly.

Nearly every other game I've played that uses security tokens or similiar 2-step verification allows you to save your device for 30+ days. It's such a basic quality of life change, that I'm wondering why it isn't implemneted in FFXIV yet?

[Valkyrie_Lenneth]

It's not exactly good security to allow that. It takes all of 5 seconds to login with 2fa, it's not really inconvenient.

[Arzalis]

It's fine security practice. If the login is from a different IP/location, require the token again.

The only situation that wouldn't help against is if the actual computer is compromised, but that is not the something 2FA is meant to protect against. If the system is compromised, you should assume the account that was played on it is compromised anyway.

[dspguy]

Before two-factor authentication, it was common for MMO accounts to be stolen. It was a common thread on various forums (official forum for a game, reddit, fan-created, etc). The number of instances of accounts being stolen are very low. The player has to almost go through extraordinary lengths to let their account be stolen.

I had two FFXI physical security tokens (my wife and I). We got them when security tokens first came out in 2008(?). We just replaced the second one earlier this year. That's 15 years. I attach the token on badge pull secured to the monitor. The token has no purpose outside of logging into the game, so that's where it stays. I don't carry it around in my pocket (the software app on the phone). I don't have to worry about disassociating it with my account when I change phones. It is safe and secure. Spend the $10 or whatever, get a physical token and just keep it where you play the game.

[SigmaOZ]

I would prefer using Passkeys for login purposes, they are safer than user/password + token, all in one fingerprint.


Square Enix should take that into consideration to strengthen account security, it should be easy for them to integrate Passkeys into the game launcher either through a cellphone or even easier a fingerprint reader directly connected to Windows/Mac.

[Pratini]

Wish I could use my YubiKey to login.