Aeronaut 647 Posted December 31, 2018 so if i lose the original device that had google authenticator, what are my options? contacting support? also, for some reason, i've revoked 2fa on my web browser, but on my phone, it still asks for a code? 1 Share this post Link to post Share on other sites
Saxtus 497 Posted December 31, 2018 I suggest you using https://authy.com/ instead of Google Authenticator. That way you're covered if you lose your device. 3 Share this post Link to post Share on other sites
rooq 175 Posted December 31, 2018 I happened to switch devices recently while forgetting to back up or transfer application data. For the forums you can remove the Google authenticator by simple email verification. Go to the section under account settings on the forums, and there's an option for removal/recovery. It will send you an email with a link which removes the authentication, allowing you to add a new one. I am not sure if this functions the exact same way with the in-game authentication but I imagine that is the case. 1 Share this post Link to post Share on other sites
vsb 6171 Posted December 31, 2018 10 hours ago, Saxtus said: I suggest you using https://authy.com/ instead of Google Authenticator. That way you're covered if you lose your device. seconded Share this post Link to post Share on other sites
Kewlin 692 Posted January 1, 2019 Why LO doesn't just allow email verification codes is beyond me. Share this post Link to post Share on other sites
Saxtus 497 Posted January 1, 2019 (edited) Because email account passwords can be compromised. Also, emails can be sent to the spam folder, delayed due to greylisting or blocked and never get received. I am glad LO chose time-bound codes. Edited January 1, 2019 by Saxtus Share this post Link to post Share on other sites
NotZombieBiscuit 3146 Posted January 1, 2019 2FA is not secure enough. We need 3FA as well as mandatory biometric scans. 2 Share this post Link to post Share on other sites
Kewlin 692 Posted January 1, 2019 8 hours ago, Saxtus said: Because email account passwords can be compromised. Yes, and for most people if their email gets hacked their entire life could be fucked, and as such their APB account is not their biggest concern. I just want an option for email verification, having phone 2FA as well is fine by me. 8 hours ago, Saxtus said: Also, emails can be sent to the spam folder, delayed due to greylisting or blocked and never get received. Yet again, people who suck at using email are not my concern, lol. There's issues with phone verification as well, but some people like it because they're willing to work around those limitations; the same goes for email verification. I personally will probably never use 2FA on this or any other games unless it's absolutely necessary and possibly not even then. Share this post Link to post Share on other sites
Saxtus 497 Posted January 1, 2019 (edited) Well, if LO sucks at email, then it will be your concern. Still remember when SWTOR email server had trouble delaying emails and I couldn't enter because the verification code was arriving expired. But as I see, you found a solution, so all good and safe (except for your account when a new security breach happen again in this game). Edited January 1, 2019 by Saxtus Share this post Link to post Share on other sites
Kewlin 692 Posted January 1, 2019 Also, I think it's funny that you're saying email is an issue because people can steal your password. . . . . . but you suggested Authy. Also, AFAIK APB specifically has never had any major breaches, though there was a point where Goat could have stolen anyone's login info he wanted. Share this post Link to post Share on other sites
vsb 6171 Posted January 1, 2019 2 minutes ago, Kewlin said: Also, I think it's funny that you're saying email is an issue because people can steal your password. . . . . . but you suggested Authy. Also, AFAIK APB specifically has never had any major breaches, though there was a point where Goat could have stolen anyone's login info he wanted. didnt they have to do that big password reset thing because they had a possible breach? Share this post Link to post Share on other sites
CookiePuss 5378 Posted January 1, 2019 1 minute ago, BXNNXD said: didnt they have to do that big password reset thing because they had a possible breach? Something like that. Share this post Link to post Share on other sites
Kewlin 692 Posted January 1, 2019 7 minutes ago, BXNNXD said: didnt they have to do that big password reset thing because they had a possible breach? G1 had no breach, they just decided that there were enough breaches on other platforms that everyone's password was clearly unsafe. . . . . . but I don't use the same password for APB as anything else, so it was a moot point. Share this post Link to post Share on other sites
Saxtus 497 Posted January 2, 2019 (edited) 8 hours ago, Kewlin said: . . . but I don't use the same password for APB as anything else, so it was a moot point. It doesn't matter what you and me are doing about security. It's what others are doing and that affect all of us. Relying on email for 2FA is not logical after we all know about the forced wide password reset because people are too ignorant about how they use passwords. Do you really want a new forced password reset every few months/years or the current 2FA system is now more appealing? 8 hours ago, Kewlin said: Also, AFAIK APB specifically has never had any major breaches We will never know. I am quoting Tiggs (key-phrases in bold) : Quote We do not believe any GamersFirst servers or databases have been compromised. Instead, we believe the attackers are utilizing e-mails and passwords leaked in one of the many large data breaches that have occurred over the years from third-party websites and services. I am not saying Authy is more secure than Google Authenticator, on the contrary. However, it is way more secure than email 2FA, because you can't force people not to use the same password for all services or turn to more secure email services. Edited January 2, 2019 by Saxtus Share this post Link to post Share on other sites
Kewlin 692 Posted January 2, 2019 4 minutes ago, Saxtus said: Do you really want a new forced password reset every few months/years or the current 2FA system is now more appealing? 11 hours ago, Kewlin said: I personally will probably never use 2FA on this or any other games unless it's absolutely necessary and possibly not even then. Take a wild guess, lol. I would prefer no resets and they just treat their customers like adults who can take care of themselves, like most games do. I'm not sure why you're so against email verification as an option. Share this post Link to post Share on other sites
Saxtus 497 Posted January 2, 2019 7 minutes ago, Kewlin said: I'm not sure why you're so against email verification as an option. But I already told you at least two reasons against it: I was burned from it in another game due to game company's issues with their email server from time to time Email verification is not secure when both the account and the 2FA method rely on the same account password and we had already a password reset because of that Also, saying that this community should be treated as adults, makes me giggle a bit. Share this post Link to post Share on other sites
BlatMan 711 Posted January 2, 2019 20 hours ago, BXNNXD said: didnt they have to do that big password reset thing because they had a possible breach? Yes, and now many old players can't sign in because the password reset system isn't sending the verification email. Share this post Link to post Share on other sites
Kewlin 692 Posted January 2, 2019 7 minutes ago, MrsHappyPenguin said: Yes, and now many old players can't sign in because the password reset system isn't sending the verification email. GAMERS FIRST SAVES THE DAY! Though to be fair, the actual issue people were having was primarily with not having access to their email they made their account on, not the email not sending. I personally have never had an email from G1 fail to send that I know of. Share this post Link to post Share on other sites
BlatMan 711 Posted January 3, 2019 (edited) 20 hours ago, Kewlin said: GAMERS FIRST SAVES THE DAY! Though to be fair, the actual issue people were having was primarily with not having access to their email they made their account on, not the email not sending. I personally have never had an email from G1 fail to send that I know of. If you reset your password and signed in before LO took over you're fine, You might also still be able to sign in with Steam if your account is linked, but there's a user on here who can't. I think it bugged when LO upgraded the website. You need to setup a new email and account just to contact support. Also, this forum editor is worse than notepad. https://forums.gamersfirst.com/topic/7336-when-i-reset-password-dont-get-an-email/ https://forums.gamersfirst.com/topic/3613-trying-to-reset-password/?tab=comments#comment-58028 https://forums.gamersfirst.com/topic/5985-password-restoring-is-not-working-anymore-since-new-website/?tab=comments#comment-72055 https://forums.gamersfirst.com/topic/2867-reset-password-not-working/?tab=comments#comment-45900 Edited January 3, 2019 by MrsHappyPenguin Share this post Link to post Share on other sites