1 1/2 hours on the phone to get disconnected by support

[pjcnet]

Well I just love this so called Technical Support forum, NOT! I've never EVER seen a single reply from anyone at Square Enix or even a moderator, these forums appear to be totally ignored by staff. The support from SE is worse than terrible, they don't even seem to properly respond to urgent support tickets and the phone service from what you've written often appears worse than non existant, I say worse than non existant and I mean this literally as not having this phone service at all is better than wasting your time and often phone call charges waiting on the phone to be finally cut off.

Suggestion:

Please check your PC for any malware thoroughly before changing your password again and ensure you have a decent firewall installed, if you need help doing this please reply. If you are changing your password and they're still getting into your account afterwards then they've either hacked Square Enix's servers themselves which is fairly unlikely or they're getting your new password somehow from your end. Obtaining your new password could be done by using a keylogger or similar malware on your PC that silently steals your password and passes it onto the hacker, or they could find it out by using brute force methods (using the optional security token or smart phone application to provide a one time password can prevent keylogger hacking for FF XIV ARR as it provides an additional level of security, but you'll still want to have any malware removed too). Square Enix should be protecting users against brute force by temporarily suspending accounts after too many failed login attempts for say 5 minutes while also sending an email to the user so they can report suspicious activity if it wasn't them failing to login, but unfortunately I don't think this protection is implemented at the moment (I could be wrong). To prevent brute force yourself however simply set a new password using a long random combination of letters, numbers and special characters, E.g. a password of qn8z_3n90a37+f3 would most probably take something like 100+ years to break using brute force for instance. The hackers brute force attacks are more likely to skip accounts that aren't cracked fairly quickly and the ones they'll crack will most likely have insecure passwords, E.g. English words or names. If it's really necessary store your very secure unrememberable password in a text file on your PC and just copy it over when logging in (as long as only trusted people use your PC!), it's not ideal, but it's better than using a password that can be guessed by brute force attacks. Finally ensure you change the password on your Email account that is registered with Square Enix to something equally secure so it also cannot be guessed by brute force methods either. Remember that If the hacker knows your email address and has access to it they can simply click on the "Forgot your ID or password" option to have password reset details sent to your email address for them to access. You also want to make sure that no hacker has changed your registered email address on your SE account to one they have access to instead of your email address, obviously if it was changed you need to change it back immediately and then change your password once more to make sure.

Good luck!

PS: If you can't get into your account because you're password has been changed and resetting your password doesn't work either then unfortunately you'll have to find a way to get help from SE.