Please allow us to not need "one time" passwords

[Azoton]

After being spammed by "One time passwords" at least once per day on the same personal computer, I really wish it gone.

 

Cant we have a choice in the matter of our own account security?

[theUndead]

After being spammed by "One time passwords" at least once per day on the same personal computer, I really wish it gone.

 

Cant we have a choice in the matter of our own account security?

 

No. They added this system because people who circumventing the old security so they had to do an overhaul. I never get one time passwords because I have a security key. Maybe, you should consider the same.

[Azoton]

No. They added this system because people who circumventing the old security so they had to do an overhaul. I never get one time passwords because I have a security key. Maybe, you should consider the same.

 

is the security key something like an authenticator? or is it just a second password?

[theUndead]

is the security key something like an authenticator? or is it just a second password?

 

Yes. If you have a smartphone you can download an app that requires some credentials that you will get after you attach a key to your account from the My Account page. Then after it is registered everytime you login, you will be promoted to go your app and key in a code. This adds security but stops the one time password.

[Azoton]

Yes. If you have a smartphone you can download an app that requires some credentials that you will get after you attach a key to your account from the My Account page. Then after it is registered everytime you login, you will be promoted to go your app and key in a code. This adds security but stops the one time password.

 

That is even worse than the multiple random times password then. I will just have to deal with the multiple random times password

[JPryde]

Cant we have a choice in the matter of our own account security?

No, cause people would behave silly and would loose their account and would STILL blame Bioware, cause they were given the choice to deactivate any security even after 100 security safety questions.

 

And a security token is superior to OTP, cause it gives 100 extra cartel coins per month

[morfius]

After being spammed by "One time passwords" at least once per day on the same personal computer, I really wish it gone.

 

Cant we have a choice in the matter of our own account security?

 

Nope...

Only things you can do:

- Pay for static / semi static (if you have constantly running router at home) real IP / Change ISP with one providing such one (as my provider is with semi static real ones and my router never go off I had almost no OTP requests before authenticator add/remove issues was solved so I was able to get one).

- Use mobile authenticator on smartphone or Android emulator installed on same PC.

- Use better mail provider so you get OTP mails faster.

 

Your own security breach will lead to your rant and case to BW CS for restoration if get hacked, why exactly BW has to remove working solution just to make more load with restoration cases and issues in community (as mass /ignore of your characters due to use them for spamming/harassing & so on) because of hacked accounts.

Edited January 28, 2014 by morfius

[Azoton]

Still they are doing it wrong. I have played another mmorpg that can actually tell if you are logging in from a different place/computer than you normally do. This means that in those games the password is truly one time per computer.

 

If the current system is not intending for the password to actually be "one time", but a password that is randomly asked even if you keep playing on the same computer with a static connection then they need to change its name

Edited January 28, 2014 by Azoton

[morfius]

Still they are doing it wrong. I have played another mmorpg that can actually tell if you are logging in from a different place/computer than you normally do. This means that in those games the password is truly one time per computer.

 

If the current system is not intending for the password to actually be "one time", but a password that is randomly asked even if you keep playing on the same computer with a static connection then they need to change its name

 

On same computer with static connection there is no OTP requests.

Only other way to make this work would be to leave traces on your PC that would be used to track your activities (forbidden practice in some countries).

[AlexDougherty]

I only get an OTP when I have to reset my internet (due to local issues), which isn't that often anymore, and when I do, I log onto the forums, and copy and paste the OTP here, so when I play the game it's doesn't ask for the OTP.

[ImmortalLowlife]

That is even worse than the multiple random times password then. I will just have to deal with the multiple random times password

 

The otp is actually worse....you have to pull up yo email everytime you play. With the security key, you open the app & press one button & it gives you a random number. Plus it gives you 100cc every month...ijs

[BlackfoxKitsune]

After being spammed by "One time passwords" at least once per day on the same personal computer, I really wish it gone.

 

Cant we have a choice in the matter of our own account security?

 

Ha you get spammed by the thing, I'm lucky if mine bleeding well shows up. spend ALL November and half of December unable to log in ( I Was fully subbed for those months and NEVER even got to log in or a refund!) because the damn thing Never showed up! yes I checked spam mail, I checked where I filtered all SWTOR mail to (its own inbox folder) and inbox and all the other boxes I have for mail, it just NEVER showed up. The one time password idea is stupid!

[Phyltr]

After being spammed by "One time passwords" at least once per day on the same personal computer, I really wish it gone.

 

Cant we have a choice in the matter of our own account security?

 

Think of it like a seat-belt for your SWTOR account, you might not like it and it might be an inconvenience, but it keeps you safer. Security is often inconveniencing.

[Icebergy]

They already allow this. Its called an authenticator, and they are free.

[Merouk]

Static vs. dynamic IP address doesn't do anything. The pop-up says "one time password" but it's EVERY *********** TIME even if you're trying to get to the website from the same computer that's logged into the game, with the game minimized in the background. It's a double-password feature that is always on, regardless of the verbiage that lies to you about it being an "option" or "temporary."

 

Also, to all the people suggesting the authenticator and the smartphone app, I don't have a stupid smartphone and am not planning on getting one, so screw that.

[Phyltr]

Static vs. dynamic IP address doesn't do anything. The pop-up says "one time password" but it's EVERY *********** TIME even if you're trying to get to the website from the same computer that's logged into the game, with the game minimized in the background. It's a double-password feature that is always on, regardless of the verbiage that lies to you about it being an "option" or "temporary."

 

Also, to all the people suggesting the authenticator and the smartphone app, I don't have a stupid smartphone and am not planning on getting one, so screw that.

 

So use the physical token, it costs $4.99 which should be well within the budget of anyone playing this game.

[Nishki]

Yes. If you have a smartphone you can download an app that requires some credentials that you will get after you attach a key to your account from the My Account page. Then after it is registered everytime you login, you will be promoted to go your app and key in a code. This adds security but stops the one time password.

 

Just don't ever lose or break your smartphone.

 

That said, I have a security key on the way. But nonetheless, bioware should be able to recognize the same damn computer that plays its game every single day and is used 99% of the time to log into the website. The one-time password should be for when the program sees a DIFFERENT computer than the one it always sees. That it just treats every request as a different comp is just lazy and incompetent. Seriously. Its nothing more than that.

[marcusaxavier]

Also, to all the people suggesting the authenticator and the smartphone app, I don't have a stupid smartphone and am not planning on getting one, so screw that.

Mine is on my iPod Touch.

 

You can also get one on an Android emulator (as morfius suggested).

 

You also have the option of ordering the $4.99 Security Key.

 

Or, you can continue with the one-time password route.

[Prototypemind]

Also, to all the people suggesting the authenticator and the smartphone app, I don't have a stupid smartphone and am not planning on getting one, so screw that.

 

As multiple people have said, you can download a free Android emulator and run the app from your PC without issue. I have the app on my phone, but I use the PC instead now. Couldn't be easier.

[JPryde]

Just don't ever lose or break your smartphone.

I just switched my security token app from my smartphone to my tablet the other week and it was a matter of 5 minutes, so I wouldn't say, breaking your smartphone is any real hassle (other than having a broken smartphone).

 

I needed two OTPs, which each arrived within seconds after requesting it.. the first one was to dislodge the app from the smartphone, the second one was to connec the app on my tablet to my account. The smartphone wasn't even needed for it.

[scarlet_magpie]

The one-time pass does indeed seem incredibly random. I can log in, pull up my email and enter it, then log out and an hour later need the password again. However, I can travel 55 miles up the coast to my girlfriends house and log in her laptop and not receive a prompt at all!!

I also have had occassions where the password does not work for whatever reason, and there is no way I can see to request a new one. You simply can't play...

I use a blackberry so cannot have a smartphone authenticator, and I lost my physical one, so will need to order a new one asap.

 

EDIT: Just been on the store. Physical key "product no longer available" and app version only available on iphone and selected android. sigh....

Edited January 29, 2014 by scarlet_magpie
additional info

[Umbura]

So use the physical token, it costs $4.99 which should be well within the budget of anyone playing this game.

And then, you need to read and paste a code each time you login ? Is it the way it works ?

Instead of a copy and paste, from time to time ?

 

I'm not totally convinced that this solution is more comfortable.

 

I don't have such a token to access my bank account. Should I close my bank account ?

Or is it done on server side, without additional fee ?

IQKUTP8

Edited January 29, 2014 by Umbura

[ImmortalLowlife]

Just don't ever lose or break your smartphone.

 

I went thru 4 phones in 2013 searching for an android phone that fit my needs (wound up with an LG-9000)....each time I had to go thru the steps to add the security key to the new phone....took 5min or less each time.

 

And I honestly didn't realize they still MADE phones that aren't smartphones. Lol My 1st was a Samsung dart and it was less than $50 brand new.

[Icebergy]

And then, you need to read and paste a code each time you login ? Is it the way it works ?

Instead of a copy and paste, from time to time ?

 

I'm not totally convinced that this solution is more comfortable.

 

I don't have such a token to access my bank account. Should I close my bank account ?

Or is it done on server side, without additional fee ?

IQKUTP8

 

I seriously do not understand your complaint.

[scarlet_magpie]

And then, you need to read and paste a code each time you login ? Is it the way it works ?

Instead of a copy and paste, from time to time ?

 

I'm not totally convinced that this solution is more comfortable.

 

I don't have such a token to access my bank account. Should I close my bank account ?

Or is it done on server side, without additional fee ?

IQKUTP8

 

The physical token is not available any longer.