Get a Token!!!

[HamHam]

I'd love to get a token, really I would. But SE is making that near impossible.

I've since lost the token from 1.0. After much run around, SE finally lifted the restriction so I could log in without one. However, it's still listed as registered in SE's account management. So when I tried to add my new token, it wants me to manually remove the old token. To do that, I need a one time password from the old token. Thus, I can't use a token at all.

I was in your situation. I went to their chat support and was able to get through after 2 hours of waiting, and they removed the registered token and seconds later I registered a new one I received with my PS3 ARR Colection Edition.

It can be done, but it will take you a while before you can contact SE.

[ReplicaX]

Not sure which it was, was probably a app token.

Anyway, you shouldn't really need a token if S-E just had decent security.

Really?

As a PC user it is also your responsibility to have decent security. You do realize most of the compromised accounts are from:
- weak passwords
- shared passwords
- phishing scam
- accessing gil seller sites thus getting keylogged
- malware/malicous software
- none having an actual active security/software token

I have yet to see factual evidence of an active security / software token being bypassed from the actual person compromised. I don't go by hearsay.

[ilJumperMT]

Really?

As a PC user it is also your responsibility to have decent security. You do realize most of the compromised accounts are from:
- weak passwords
- shared passwords
- phishing scam
- accessing gil seller sites thus getting keylogged
- malware/malicous software
- none having an actual active security/software token

I have yet to see factual evidence of an active security / software token being bypassed from the actual person compromised. I don't go by hearsay.

You forgot using same username and password on other websites. Remember then Curse Aion got hacked? lots of Aion magically got hacked due to users using same password!

[ReplicaX]

You forgot using same username and password on other websites. Remember then Curse Aion got hacked? lots of Aion magically got hacked due to users using same password!

Yes, this as well, thank you.

Many corporations and banks use security tokens now as an extra layer of security. These corporations also have IT professionals keeping their networks and user end machines protected. At home its your responsibility to keep your computer protected.

[Adelphe]

There have been posts about people with tokens getting hacked.

i'd like to meet the hacker that could do that, then even our banks are not safe, lol

[Amberion]

It's not about SE security, its about users security, a lot of people visit dodgy websites unsuspectingly installing keyloggers on to their computer.

Also many people have dynamic IP addresses which are changing all the time, you can't lock these people to that kind of system or you would never be able to log in.

Did you actually read what I wrote? Dynamic IP never change the entire number, it can only change between those numbers that an operator have registered. Hence why I had those 2 last once as any. Or able to chose by country.

Also, I never said it was mandatory, I said you should be able to, not forced to.

i'd like to meet the hacker that could do that, then even our banks are not safe, lol

Ohh, you mean to say that banks security are 100%? Have you been reading/watching news the last few years?

Not sure how it's with bank tokens nowdays, but anyway, people are still getting their accounts emptied. So no, banks are not 100% safe, nothing is.

[ZakarnRosewood]

You only get hacked if you let them. Usually without even realizing it, if the hackers are doing their job properly. Either through downloading a program that has a keyloger attached, entering account info on a dummy page, by using the same passwords for everything (once you are compromised in one situation, they try the same passwords for every other site that uses your ID), or many other methods. I can guarantee you that hackers are not, at random, scouring for IP's to secretively sneak into your computer and get your FFXIV information.


Many of these "hackers" have a large database full of account info, everything from banking information to email logins, to facebook accounts. But they get it all by your own hand.

Sorry if this angers people but it is true. Never once got hacked in WoW or even received fake emails until my son installed a mod on my computer for the Curse.com auto mod updater (or something like that) then it brought a keylogger and they got my info. Lost my level 80 and everything. I contacted Blizzard, got everything straightened out, got my account rolled back, and removed the keylogger, but since then I get a constant stream of fake emails trying to get my info again.

Educate yourself in how these "hackers" get your information, learn to spot fake from genuine and protect yourself. Its not up to the world to protect you from your own mistakes. Pull up your pants, accept responsibility and learn from it.

[HurtigeKarl]

Not sure which it was, was probably a app token.

Anyway, you shouldn't really need a token if S-E just had decent security.

You should be able to bind it to specific country, or specific IP adress like ???.???.*.*, have the 2 last once there as most have dynamic adresses. That would stop over 90% of hacked accounts I think.

Proxys bypass the "specific country" counter-measure, specific ips won't work for those who have dynamic adresses. So I am guessing your suggestion wouldn't even stop 1% of the hacked accounts.

[HurtigeKarl]

You only get hacked if you let them. (...)

So if the email company gets hacked, it is fault of the user? LOL. This is why I use physical token; now I can only get "hacked" if SquareEnix gets compromised and I do not have to take consideration to any hack attempts against the email company.

[Amberion]

Proxys bypass the "specific country" counter-measure, specific ips won't work for those who have dynamic adresses. So I am guessing your suggestion wouldn't even stop 1% of the hacked accounts.

It's actually harder for them to get your IP then password. And that is what is needed with country lock. There is a lot of mail services that has that as an option, and it has reduced hacked e-mail accounts.

And as for dynamic addresses, I suggest you reread my post. I did not suggest to lock it to entire IP address, only the first 2 parts. Not sure if any operator has larger range then those last 2 for dynamic range.