Jump to content

one time pass words

kingstonluke

By kingstonluke
in General Discussion

 Share

Recommended Posts

Mubrak

Mubrak

Posted
Posted (edited)

It's part of the two-factor-authentication to make your account more secure.

 

In addition to the account login and password either the IP needs to be the same as last time, or you need to use a one-time-password sent by email, or you need to enter a time-based-one-time password generated by an authenticator app.

 

The email with the OTP is sent everytime your IP changes, which is every 24h or everytime you relog to the internet nowadays. Maybe in the 90's this was an adequate way to identify your computer but today the majority of ISPs assign the IPs dynamically.

 

Aside from changing to one of the few ISPs that still offer static IPs to private clients, the only way to get rid of the OTP-mails is seting up a security key under https://account.swtor.com/user/security-key. You can then use the official SWTOR security app or google authenticator on your smartphone, or even Winauth on your PC, to generate a code that serves as the second password. Using the security key will also earn you 100cc per month and access to the security key vendor.

Edited by Mubrak
Link to comment
Share on other sites
mudmobile

mudmobile

Posted
Posted
I hope everyone else gets one every single time they try to login because im about to throw a fit I mean whats the fkn point of a regular password if I have to enter 2 every time I log in to the game or website.

what the actual f!@k???

Yeah the OTP thing is quite annoying but I think you have other problems. You shouldn't have to do it every single time you login, it should only happen when your IP changes.

 

So either you are mobile regularly or you need a new router.

Link to comment
Share on other sites
Mubrak

Mubrak

Posted
Posted (edited)
Yeah the OTP thing is quite annoying but I think you have other problems. You shouldn't have to do it every single time you login, it should only happen when your IP changes.

 

So either you are mobile regularly or you need a new router.

 

Most ISPs change your IP regularly at least once a day. Only companies, universities etc. still get a static IP.

Then many of us use VPN services to get a passable ping, and those change your IP too.

 

The times where the IP was a proper means to identify a system are long past. Websites that want to identify you use cookies, services like Steam use a hardware checksum to identify your computer, dynamic IPs are the standard among mass-market ISPs, static IPs are a niche product.

Edited by Mubrak
Link to comment
Share on other sites
Max_Killjoy

Max_Killjoy

Posted
Posted

All of which require giving bloatware like Steam additional system access to the point where you might as well be installing spyware. No company has any business poking around your system to see what hardware you're running, or what other software you might have installed.

 

Meanwhile, the SWTOR OTP is a broken mess. It often takes so long to arrive in your inbox that it's no longer valid. I had the provider of the email account I use run a trace, and emails containing the OTPs are not received at their servers until 10 to 20 minutes after the game or this site is being told to send them, and they're only good for 15 minutes. So, I have to keep trying until one of the emails comes through fast enough, meaning it can take hours before I get lucky enough to be able to log in.

 

This while Bioware continues to insist that the emails are sent "immediately". Liars.

Link to comment
Share on other sites
Lundli

Lundli

Posted
Posted
I'm on DSL and while my IP is supposed to be dynamic it might as well be considered static, every time I restart the router it gets me the same IP again even if I request a new one, I can't remember the last time it changed. Locally I only have static ones, no OTP:s for me :)
Link to comment
Share on other sites
Celise

Celise

Posted
Posted (edited)

got 1k emails in my box, 3/4 of these are one time passwords. the system was silly when it first came out, it still is, but i have come to realize not long after its introduction that it just means wasting a few more seconds on this thing and it will not change until bioware decide it should.

 

one time password madness.

Edited by Celise
Link to comment
Share on other sites
Stoofa

Stoofa

Posted
Posted
Most ISPs change your IP regularly at least once a day. Only companies, universities etc. still get a static IP.

Then many of us use VPN services to get a passable ping, and those change your IP too.

 

 

No, they really don't.

I've had my current IP address (UK BT Infinity) for nearly two weeks now.

Leases are set short, but will simply renew rather than collecting a new address.

Link to comment
Share on other sites
Draqsko

Draqsko

Posted
Posted
No, they really don't.

I've had my current IP address (UK BT Infinity) for nearly two weeks now.

Leases are set short, but will simply renew rather than collecting a new address.

 

I've had the same IP on Verizon forever practically, the only times I've gotten asked for a OTP have been after reinstalling an OS even though my IP address never changed. And I know it hasn't changed because my website tracks IP addresses and it shows only one IP address for all of my logins in the last year and half. Before that the database got scrapped so I can't remember what it was then but I doubt it changed.

Link to comment
Share on other sites
Neo_Psy

Neo_Psy

Posted
Posted
for security reasons....i dont understand the frustration lol. You have a lock at your home door and then the actual door don't you?

 

That's a poor analogy though. A physical door works very differently to something non physical like a software lock/password. Obviously. If the OP was saying something like "Oh ffs I have to keep using my tin opener to open these tins, then what you said would fit.

 

I've played MMO's in the past and never had to keep recovering a temp password from my e-mail (at least from what I remember) So I understand his frustration. I'd rather my account be slightly less safer and not have the inconvenience. But that's just me. YOLO etc :rolleyes:

Link to comment
Share on other sites
BUBBUH

BUBBUH

Posted
Posted

So many of you have no idea how easy it really is to completely take your account.

 

This is one of the most high-security mmo's out there. Credit farmers and scammers are a virtual non factor. The only way for someone to take your account would be through your email. Add another step with the security key through your phone.

 

Without the email security.

All it takes is one little keylogger, boom. They log in, strip you of all your credits, gear, items, empty the cargo holds, everything. If they wanted to be malicious they could sell your bound gear as well. They then can mail that to a junket account in a flash, or sell it on the GTN. It's like a candle dropping out of airplane. Went out before it began.

 

 

15 seconds or lose nearly everything. Have some common sense.

Link to comment
Share on other sites
Draqsko

Draqsko

Posted
Posted
That's a poor analogy though. A physical door works very differently to something non physical like a software lock/password. Obviously. If the OP was saying something like "Oh ffs I have to keep using my tin opener to open these tins, then what you said would fit.

 

I've played MMO's in the past and never had to keep recovering a temp password from my e-mail (at least from what I remember) So I understand his frustration. I'd rather my account be slightly less safer and not have the inconvenience. But that's just me. YOLO etc :rolleyes:

 

Actually it is a pretty good analogy, they just didn't use a proper term, Dead bolt lock. Most doors don't come with dead bolts, but a lot of homeowners install them because of the added security and difficulty breaking down a door with a dead bolt versus one without. Your OTP is your dead bolt for your SWTOR account, and your normal password to log in is your passage lock if you will.

Link to comment
Share on other sites
Neo_Psy

Neo_Psy

Posted
Posted
Actually it is a pretty good analogy, they just didn't use a proper term, Dead bolt lock. Most doors don't come with dead bolts, but a lot of homeowners install them because of the added security and difficulty breaking down a door with a dead bolt versus one without. Your OTP is your dead bolt for your SWTOR account, and your normal password to log in is your passage lock if you will.

 

Yeah ok that makes more sense. Fair enough.

Link to comment
Share on other sites
AlienEyeTX

AlienEyeTX

Posted
Posted
I hope everyone else gets one every single time they try to login because im about to throw a fit I mean whats the fkn point of a regular password if I have to enter 2 every time I log in to the game or website.

what the actual f!@k???

 

Why do you wish this on other people?

 

I stopped using the security key when I switched phones. I just haven't bothered installing it again, though I will soon. I've had to use the "1-time" password maybe 3 times in the past 2 months or so. Not a big deal.

 

But, if you don't like it, I highly recommend the SK. It's free and you get 200cc every month just for using it.

Link to comment
Share on other sites
Sarfux

Sarfux

Posted
Posted

There is a misconception about this. It doesn't mean ONE TIME FOREVER. It basically means one time password...for that session. If you have a browser that delete cookies when you exit, clear your cache, run ccleaner or anything like that, that "session" including anything "one time" will be gone. Because it's not one time for your life of the game. It's one time for that session.

 

Hope this clears this up :)

Link to comment
Share on other sites
Andryah

Andryah

Posted
Posted (edited)
I hope everyone else gets one every single time they try to login because im about to throw a fit I mean whats the fkn point of a regular password if I have to enter 2 every time I log in to the game or website.

what the actual f!@k???

 

Very little sympathy here I am afraid.

 

I don't ever get them. I use an authenticator.. which releases the need for a OTP except when you need to change your authenticator.

 

Anyone that does not want the nuisance of OTP... get an authenticator. ;) Everyone can get one for free.. even if you don't have a smart phone you can emulate one on your PC and install the authenticator.

 

1) anyone who plays an MMO or has an email account, and does not use two factor authentication.. is crazy in this day and age.

 

2) the OTP is there to protect both the player and Bioware from the more common hazards of account hacks for people who refuse to use two factor authentication. You can still get your account hacked if you are careless...but that is completely and totally on you if you do.

Edited by Andryah
Link to comment
Share on other sites
Neo_Psy

Neo_Psy

Posted
Posted
Very little sympathy here I am afraid.

 

I don't ever get them. I use an authenticator.. which releases the need for a OTP except when you need to change your authenticator.

 

Anyone that does not want the nuisance of OTP... get an authenticator. ;) Everyone can get one for free.. even if you don't have a smart phone you can emulate one on your PC and install the authenticator.

 

1) anyone who plays an MMO or has an email account, and does not use two factor authentication.. is crazy in this day and age.

 

2) the OTP is there to protect both the player and Bioware from the more common hazards of account hacks for people who refuse to use two factor authentication. You can still get your account hacked if you are careless...but that is completely and totally on you if you do.

 

How do you do the PC option? I don't have a smart phone.

Link to comment
Share on other sites
 Share
Go to topic listing
×
×
  • Create New...