Jump to content
Lucidy

2FA (Two Factor Authentication) and it's current status

Recommended Posts

As of now I've made multiple posts to mention about 2fa and wondering what happened to it.

About 4 months ago, we had the first Q&A with Matt Scott.  I personally sat down and watched every minute of it, then later I spent numerous times going over the whole VOD. 


^ This is what I am specifically referring to.
There has been no sort of status update on 2FA since this was mentioned in the Q&A. There has been nothing on the admintracker about 2fa, nothing on the forums, nothing in blogposts. (That I have personally seen)

Just recently the blogposts and communication were centered around UE3.5 (If I have missed something please feel free to show me, because I haven't seen nor heard anything upon this subject since then)

Now I'm not gonna say moving to UE3.5 isn't a bad move, but I'm genuinely curious what happened to 2FA and it's status.
Q4b0tNG.png
This was January 31st 2018, almost 9 months ago. Who is to say this won't happen again without 2fa being added?

Multiple times accounts have been breached on here - most games utilize two factor authentication now (and have been for years)
Account security should be a priority before UE3.5, at least in my personal opinion - especially considering this year there was a serious account breach that even emailed everyone to reset their passwords.

I'm honestly more concerned that people haven't brought this up at all and it has had 0 traction since then. Nobody even I know remembers Matt saying this from the clip, I had to specifically go and clip it just to prove to people - so I have decided to make this thread to bring more awareness to it. Edited by Lucidy
  • Like 3
  • Thanks 1

Share this post


Link to post
Share on other sites

I agree. Let's hope we will get an official answer and not opinions on how LO should prioritize things. 

Share this post


Link to post
Share on other sites

Since this is something separate, I'll separate it from my main post.

For anyone who does not know what 2fa is, here is an informational link made by Authy (one of the apps that companies can register their user base's accounts through as an optional second layer of security)
https://authy.com/what-is-2fa/

There are multiple other things used with 2FA, but usually depends on the company to do what they find best.
Multiple examples can differ where Warframe has 2FA via email, Google itself can have 2fa via it's Google Authenticator app, I've personally had 10-15 accounts of mine attached to my Google Auth app now.

Some games even like CS:GO require 2fa to play in their Prime Matchmaking.

Edited by Lucidy

Share this post


Link to post
Share on other sites

while i personally see 2fa as a pointless irritation, i understand the security benefits it offers 

it it is odd that it’s been so rarely mentioned, but it was snuck into the roadmap (albeit very briefly)
image.png
edit: https://apbreloaded.gamersfirst.com/2018/06/apb-roadmap.html?m=1

according to the roadmap there’s still an armas visual update and a console update in addition to 2fa, so it’s not like we’re conpletely past orbits eta

 

Edited by BXNNXD
link
  • Like 2

Share this post


Link to post
Share on other sites
10 minutes ago, BXNNXD said:

while i personally see 2fa as a pointless irritation, i understand the security benefits it offers 

it it is odd that it’s been so rarely mentioned, but it was snuck into the roadmap (albeit very briefly)
image.png
edit: https://apbreloaded.gamersfirst.com/2018/06/apb-roadmap.html?m=1

according to the roadmap there’s still an armas visual update and a console update in addition to 2fa, so it’s not like we’re conpletely past orbits eta

 

Thank you, I appreciate the link.

I understand where you're coming from that it can be annoying, it's not really good in terms of QOL, but it is objectively just a better thing to have. It personally doesn't bother me, since I prefer to not be worried about my account ever being compromised than being annoyed at putting in a temporary code upon login. Edited by Lucidy

Share this post


Link to post
Share on other sites

Maybe we could get it as an option, like not a forced 2fa, but just if you want to do it

  • Like 1

Share this post


Link to post
Share on other sites

This sounds like some sort of scam to allow AI another foot in the door to their eventual singularity and destruction of the human race.

Share this post


Link to post
Share on other sites
49 minutes ago, Kevkof said:

Maybe we could get it as an option, like not a forced 2fa, but just if you want to do it

I believe that you can use the Steam login to bypass 2FA.


  Edited by Saxtus

Share this post


Link to post
Share on other sites
2 minutes ago, Saxtus said:
I believe that you can use the Steam login to bypass 2FA.


 
You shouldn't have your steam connected with APB if you care about your security in the first place.

Share this post


Link to post
Share on other sites

My previous password was like:
b)Fj*Z%<4BgT
Good luck cracking it. 

2FA is needed only for banking accounts, emails and other personal stuff which can get you in REAL trouble in case of leak/crack.
Steam introduced mobile auth in 2015 yet people still getting scammed in 2018 WITH 2FA enabled. 2FA won't magically save you from "hackers" if you're dumb.

Share this post


Link to post
Share on other sites
31 minutes ago, ឴឴឴឴឴឴឴ said:

My previous password was like:
b)Fj*Z%<4BgT
Good luck cracking it. 

Give me 200 years with current technology and I could do it.

Share this post


Link to post
Share on other sites
1 hour ago, NotZombieBiscuit said:
You shouldn't have your steam connected with APB if you care about your security in the first place.
Please elaborate.

Share this post


Link to post
Share on other sites

I really want this myself. I use 2FA for pretty much every service I use and would love for this to be a thing in APB.

Share this post


Link to post
Share on other sites
9 minutes ago, evilgamer23 said:

stop download spywares ( AKA fake cheats) and you dont will need 2FA

[sarcasm]You mean that everybody that got their password reset, after the GamersFirst security breach, had downloaded spyware?
Interesting...[/sarcasm]


  Edited by Saxtus

Share this post


Link to post
Share on other sites

It's very common that people use the same mail and password across several sites, so if just one of those gets breached, your credentials would become available for every service you used them at. You could try checking this page, and then consider if you've been reusing your login anywhere:
https://haveibeenpwned.com/

Even if you have throw-away mail, and unique password for each account you create online, the regular user doesn't, so any compromised account will take up alot of time and resources for support. APB doesn't even have a multiple attempts lock-out, so it's quite vulnerable for brute force attacks.

Share this post


Link to post
Share on other sites
5 hours ago, Kevkof said:

Maybe we could get it as an option, like not a forced 2fa, but just if you want to do it

Share this post


Link to post
Share on other sites

I agree with this proposal, it would be nice to incentivize it though like blizzard and steam. Maybe give people a free gun for using it.

Share this post


Link to post
Share on other sites

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...