Support NeoGAF

[The Elite]

Thank God

You're welcome.

 

[InsaneTiger]

Makes sense for Sony to just implement the feature and not tell anyone about it.

 

[Shahed]

Couldn't you also install Android-x86 on a virtual machine, then install the Authenticator on that? Zero cost to you and 20 minute inital setup.

That would work. The reason I mentioned a cheap phone though is you can take it with you in case you want to log into Gmail on another device at work, school, library, friends house or whatever

 

[InsaneTiger]

You're welcome.

You died for our sins.

 

[thebigmachine]

This is a game changer!

 

[MegamanXZero]

What's that gotta do with login security?

Because without 2 step verification it's easier to hack or hijack an account, meaning your credit card info could also have been compromised.

 

[Sidewinder]

You're welcome.

Is it you Kaz?

 

[dallow_bg]

Because without 2 step verification it's easier to hack or hijack an account, meaning your credit card info could also have been compromised.

Not sure I follow. I already agree with what you wrote.
The post I quoted is what I don't understand.

2 step is good even if you use pre-paid cards for psn credit. You don't want someone using your account for them to load stolen CC info and risk a ban when the chargebacks hit.

 

[The Elite]

Is it you Kaz?

I can be whoever you want me to be, as long as they have 2-step turned off.

 

[oRuin]

Good stuff. I was thinking about this the other day. Would help me feel safer leaving my card number on my psn account details.

 

[Big Chungus]

will laugh if people still get hacked

 

[Paganmoon]

I can be whoever you want me to be, as long as they have 2-step turned off.

Pretty sure that's what 2-step is here to prevent!

 

[5taquitos]

will laugh if people still get hacked

It'll be optional and plenty of people won't turn it on.

 

[VanWinkle]

Dang, that would be great.

 

[bengraven]

I do this all day long at work (setting up pass "codes" for customers in addition to their normal online passwords) and now it's coming home to bite me in the ass.

 

[WordsintheWater]

So this is just for PS3 so far?

 

[LAM09]

Taken their time.

 

[Shahed]

You're welcome.

Were you the one who someone else activated your account on their PS4 to play yoir games and used the 6 month deactivation thing so you couldn't get it back?

I had something similar happen to me. We have more than one PS4 in the house and I put my account on my brothers so he could play a few things. A few weeks ago I logged in on his PS4 to deactivate it and out it back on mine only to see it wasn't activated. Confused I double checked mine and it also wasn't there. Just to make sure I also checked my sister and other brother who lived elsewhere even though I was pretty sure my account wasnton theirs.

I went to do the once every 6 month deactivate all online but it said I'd done it recently which I found bizarre. I called Sony and they said it had been done like 2 weeks earlier. I knew I definitely hadn't done that so I offered to give them the MAC address and serial numbers of the PS4's in my house to check if my account was there. They said while my account had been there before it wasn't now. I told them I'd never used any other PS4 so they said they'd reset my activations for me 'out of goodwill' and I kept them on the phone as I changed my password (different to my gmail) and reactivated my PS4 there and then.

I don't know how or where someone else got my PSN password since it's different to everything else but I changed it and have my PS4 back as Primary. There's been no problems since but knowing what can happen I've felt awkward and not fully sure as to how secure everything was. Having 2 step would be such a relief since even if they did get my password they wouldn't be able to do anything without my code.

 

[MegamanXZero]

Not sure I follow. I already agree with what you wrote.
The post I quoted is what I don't understand.

2 step is good even if you use pre-paid cards for psn credit. You don't want someone using your account for them to load stolen CC info and risk a ban when the chargebacks hit.

I'm guessing he meant that he wasn't worried at all even before the 2 step verification. So only looking at the CC aspect and not the actual vulnerability of the account security.

 

[The Elite]

Were you the one who someone else activated your account on their PS4 to play yoir games and used the 6 month deactivation thing so you couldn't get it back?

.

I was. Sony fixed it in about 24 hours. My log-in info was compromised in the Adobe hack of 2013. I don't even recall having an Adobe account.

I will be using 2-step as soon as it is available.

I am surprised this is at the console level though. Wouldn't this be an account thing that would have to be applied universally? I shouldn't be able to log on to the web store without 2-step.

 

[dallow_bg]

I'm guessing he meant that he wasn't worried at all even before the 2 step verification.

Ah ok, and he should be for the reason I posted.
Doesn't matter if you don't use your own CC with them.

 

[Sithlord77]

Ok so everyone is talking about it but noone is saying where it is in the options?! I can't see it.

 

[AlexBasch]

So what if I don't have a phone or an email? Fuck Sony.

Spoiler

Surprised it took this long, both my Facebook and Microsoft account have the two step verification.

 

[Miroku129]

Thanks Spider-Man.

Yeah! Spidy saves the PlayStation user base

 

[Nokterian]

About damn time but where is it i can't see it on my account as of yet.

 

[Shahed]

I was. Sony fixed it in about 24 hours. My log-in info was compromised in the Adobe hack of 2013. I don't even recall having an Adobe account.

I will be using 2-step as soon as it is available.

I am surprised this is at the console level though. Wouldn't this be an account thing that would have to be applied universally? I shouldn't be able to log on to the web store without 2-step.

It would have to be account wide. I mean if it wasn't there'd be no point in having it. It would just also be enabled console side as well.

 

[pharmboy044]

Is this one of the reasons why we have maintenance today?

 

[5taquitos]

Is this one of the reasons why we have maintenance today?

That's the theory

 

[murgo]

Finally, took'em long enough.

 

[mcz117chief]

will it be possible to use your pc as the second device? I don't have a smartphone.

 

[TheSeks]

I don't have a cell phone plan.

So use the e-mail option and Win2Auth your e-mail. Simple.

So what if I don't have an email? Fuck Sony.

Then how the hell do you have a Playstation Network account?

 

[5taquitos]

will it be possible to use your pc as the second device? I don't have a smartphone.

Depends on their implementation. If they use one of the open models, you can use something like WinAuth (https://winauth.com/) or an Android VM with the Authenticator app. If they limit it to just SMS, you'll have to find another workaround.

 

[The Elite]

will it be possible to use your pc as the second device? I don't have a smartphone.

Do you have a regular cellphone that can receive texts?

That should be enough. Otherwise, email is sometimes an option.

 

[timmyp53]

Sonys listening knows no bounds.

 

[mcz117chief]

Do you have a regular cellphone that can receive texts?

That should be enough. Otherwise, email is sometimes an option.

Yeah, I have a classic phone that can receive text messages.

 

[AuthenticM]

If you got a smartphone without a Sim card and phone plan you could download the Gmail Authenticator App instead. You don't need a Phone Contract. A cheap smartphone iw all you need and an Internet connection. When logging in on a new device you would input the code from the App to be able to get in. Then you could choose to not require the code again for that particular phone/PC/laptop/whatever.

Personally I use texts the phone app is limited to that particular phone so if you lose it it's a bit awkward. You can receive a text elsewhere if need be. You also get like 10 codes you can make a note of in case of emergencies.

It might sound awkward but in fact it's very easy and quick to use. Makes you feel so much more at ease in terms of security and it's something I highly recommend and wanted on PSN for a long time

I see. So I could use that Google app for anything not related to Google, such as PSN, Steam, or an Outlook account?

 

[5taquitos]

I see. So I could use that Google app for anything not related to Google, such as PSN, Steam, or an Outlook account?

Only if the service supports it. Here's what you can use with Google Authenticator: https://en.wikipedia.org/wiki/Google_Authenticator#Usage

Steam is not supported, you have to use the Steam app instead

 

[LordOfChaos]

Im sorry but the PSN store performance on PS3 is a non issue when YOU SHOULD USE THE PC STORE! I see this shit in every PS3 thread. Havent needed to open the Ps3 store in years.

Here!
https://store.playstation.com

I do that, but whipping out a PC every time I want to give money to my console is hardly optimal.

Plus, even their website and mobile app are weirdly slow, though 1000x better than the PS3.

 

[dallow_bg]

I do that, but whipping out a PC every time I want to give money to my console is hardly optimal.

Plus, even their website and mobile app are weirdly slow, though 1000x better than the PS3.

Whip that phone out.

 

[NastyBook]

First page goes without the "It's been 84 years" old lady. Sad times.

 

[Twookie]

fucking finally!! i've been waiting for this for so long

 

[Qwark]

From other thread:

This is great, but this wouldn't have prevented the infamous hack, correct? This is just account protection, not database protection. Am I assuming incorrectly?

 

[Lima]

From other thread:

This is great, but this wouldn't have prevented the infamous hack, correct? This is just account protection, not database protection. Am I assuming incorrectly?

This wouldn't have prevented the hack but would have prevented them from logging in to the accounts they compromised because they would be missing the device that is used for 2 step verification.

 

[Qwark]

This wouldn't have prevented the hack but would have prevented them from logging in to the accounts they compromised because they would be missing the device that is used for 2 step verification.

Gotcha, so your PSN account would've been safe but your identity is still at risk. Good on them for finally implementing it though, maybe we'll see fewer account breaches now.

 

[xzeldax3]

It's been too god damn long. I've been so paranoid because of the many cases I've read about people losing their accounts to strangers. I need 2 step verification right now!

 

[Aurizen]

#BetterPSN

 

[Jotamide]

Only 6 years late!

 

[Shpeshal Nick]

So it's coming that fast? Niiiiiiice.

 

[Shahed]

Gotcha, so your PSN account would've been safe but your identity is still at risk. Good on them for finally implementing it though, maybe we'll see fewer account breaches now.

In theory if everyone enabled 2 factor there should be no way anyone could have someone else access their account for stuff like the Fifa hacks and more. Even if they knew the persons PSN email and password they'd be missing the email, app code or text they'd need to access from a non approved device.

In practice there will still be a lot of hacks because the majority of people are lax about their security and will not enable 2 factor authentication.

I see. So I could use that Google app for anything not related to Google, such as PSN, Steam, or an Outlook account?

Only if it supports it. Some things like Steam have their own App so there's a chance Sony might make one for PSN, use the Gmail one or just stick tosending you an email code ot text message. If you choose the email code option you could get the code that way by accessing your email mail on your phone via a browser or Gmail/generic email app. Personally I prefer email and texts because they can be accessed from a few other sources if my phone is getting repaired or is on charge, but phone/tablet apps works as well.

 

[Kyrios]

Should have been implemented the same day PSN went back online after the 2011 hack. Better late than never I guess.