• Hey, guest user. Hope you're enjoying NeoGAF! Have you considered registering for an account? Come join us and add your take to the daily discourse.

Two Step Verification Is Now Live For US and EU PSN accounts

joebruin

Member
Is it true that it doesn't remember a device/browser on PC and needs a code for every login?

i only had to do it once. although i think it does if you try and update your account settings. which makes sense...

that or maybe people have private browsing turned on?

I will say, how they set up the two-step for Vita/PS3 is weird. Just in case, I'm keeping the password somewhere just in case my Vita wants to fucking forget it.

not sure how its weird. its pretty much identical to how other systems handle it for devices/apps that don't support the verification code system (i.e. Google, Yahoo, Microsoft, etc.)
 

Andvary

Member
i only had to do it once. although i think it does if you try and update your account settings. which makes sense...

that or maybe people have private browsing turned on?



not sure how its weird. its pretty much identical to how other systems handle it for devices/apps that don't support the verification code system (i.e. Google, Yahoo, Microsoft, etc.)

I don't know about the Store, but this one asks for the verification code every time.

https://account.sonyentertainmentnetwork.com/login.action
 

EmiPrime

Member
Finally!

A moment of silence for all the FIFA and Neverwinter scammers who are out of a job.
Good riddance

They'll still have plenty of targets. How many people IRL do you know who don't even use 2FA for their email? Everyone I know either doesn't know it exists, can't be bothered with it or tried it then turned it off because they thought it was a pain in the arse.
 

joebruin

Member
I don't know about the Store, but this one asks for the verification code every time.

https://account.sonyentertainmentnetwork.com/login.action

when i login using that link (if I'm already logged in) it errors out and then sends me a verification code. but afterwards if i just go to any other playstation website i'm still logged in.

i noticed that sony seems to have multiple login pages as some of the urls are different. so maybe they haven't ironed everything out yet.

i restarted my browser and went to the psn store and i was still logged in and could view my account settings and everything
 
i only had to do it once. although i think it does if you try and update your account settings. which makes sense...

that or maybe people have private browsing turned on?



not sure how its weird. its pretty much identical to how other systems handle it for devices/apps that don't support the verification code system (i.e. Google, Yahoo, Microsoft, etc.)

Well, the idea of having pre-generated passwords for other devices outside of your PS4 is definitely different. Getting the 6 character code to approve of something is normal. The pre-generated password is a bit new to me. I see how it works, but it's definitely different from most others.
 
Well, the idea of having pre-generated passwords for other devices outside of your PS4 is definitely different. Getting the 6 character code to approve of something is normal. The pre-generated password is a bit new to me. I see how it works, but it's definitely different from most others.

Facebook/Gmail is doing the same for App Passwords.
 

perorist

Unconfirmed Member
Just set up and activated it for my account. Didn't know they would generate a password that replaced my old sign in password. This is probably actually much safer but I don't like having to depend on a website to retrieve the password to my own account if I need to sign in or re-sign in on a device.
 
Just set up and activated it for my account. Didn't know they would generate a password that replaced my old sign in password. This is probably actually much safer but I don't like having to depend on a website to retrieve the password to my own account if I need to sign in or re-sign in on a device.

No, your old password is not gone. And that is how 2FA works. Plus you cannot retrieve the password again. You only can write that down or simply revoke the password.
 

Andvary

Member
Just set up and activated it for my account. Didn't know they would generate a password that replaced my old sign in password. This is probably actually much safer but I don't like having to depend on a website to retrieve the password to my own account if I need to sign in or re-sign in on a device.

From the website:
For PS3, PS Vita, PSP or some mobile phones, use a device setup password the first time you sign in to Sony Entertainment Network from that specific device. Then whenever you sign in after that, you can use your account password as usual.

I haven't tried but it looks once the device has been authorized you can use your old password to login as usual.
 
Really paranoid that if I use my UK phone number on my US account I might get added to a list at Sony HQ titled "for future reference..."
 
Finally! Time to enable it... now if I could do something about the 50 "Forgot your Password' emails I get on a weekly basis from hackers trying to get into my account -.-
 

joebruin

Member
Just set up and activated it for my account. Didn't know they would generate a password that replaced my old sign in password. This is probably actually much safer but I don't like having to depend on a website to retrieve the password to my own account if I need to sign in or re-sign in on a device.

the instructions say you only need to sign in once as long as you check the appropriate boxes. if you ever need to sign in again you just use your normal account password. its basically a one time use password to verify that you own the device.

there's no option to retrieve what that device password if you didn't write it down. you revoke it and generate a new one.
 
As I understand it a device password is just a roundabout way to authorize legacy devices

Normally:

Request 2FA
Enter code into field specifically for the 2FA code
Device Authorized

device password is just

Request Device PW
Authorize with 2FA on website
Enter Device PW into PW field (instead of specific 2FA code field, as it doesn't have one)
Device Authorized

practically it should give you the same security
 

perorist

Unconfirmed Member
No, your old password is not gone. And that is how 2FA works. Plus you cannot retrieve the password again. You only can write that down or simply revoke the password.

From the website:

I haven't tried but it looks once the device has been authorized you can use your old password to login as usual.
I read that but it doesn't work for me. After signing in with the generated password, I sign out, then try to sign back in with my original password. When I do this it tells me either my username/password is wrong and I get a text telling me to go to the website and generate a new password for the device.

I've essentially repeated the process 3 times and it still keeps rejecting my old password and making me generate a new one.
 
Just set up 2FA on my account through my PS4 on v. 3.55. So you don't need to be running the 4.0 beta. Also chose to have my account signed out on all devices for a fresh start. Feeling a little safer now!
 
As I understand it a device password is just a roundabout way to authorize legacy devices

Normally:

Request 2FA
Enter code into field specifically for the 2FA code
Device Authorized

device password is just

Request Device PW
Authorize with 2FA on website
Enter Device PW into PW field (instead of specific 2FA code field, as it doesn't have one)
Device Authorized

practically it should give you the same security

Yeah, considering you'd need to use 2FA to access the page to request a new device password, I can't see any way of someone adding a new device to your account, or making any use of an existing device password you've already got unless they're physically holding your Vita.
 
I read that but it doesn't work for me. After signing in with the generated password, I sign out, then try to sign back in with my original password. When I do this it tells me either my username/password is wrong and I get a text telling me to go to the website and generate a new password for the device.

I've essentially repeated the process 3 times and it still keeps rejecting my old password and making me generate a new one.

You using the 2FA in a wrong way. The correct:

1) Login via website account.sonyentertainmentnetwork.com with your original password.
2) Setup 2FA. If you already setting up 2FA, generate a device password. Write this down.
3) Your consoles will be logged out when trying to connect. Re-login with your email AND your generated password.
4) Done!
 

perorist

Unconfirmed Member
You using the 2FA in a wrong way. The correct:

1) Login via website account.sonyentertainmentnetwork.com with your original password.
2) Setup 2FA. If you already setting up 2FA, generate a device password. Write this down.
3) Your consoles will be logged out when trying to connect. Re-login with your email AND your generated password.
4) Done!
That's exactly what I'm doing.

After step 3, to test that my old password still works, I log out of my account on the device (vita), then try to log back in with my original password instead of the generated one it previously just worked with.

The original password is rejected and it asks me to either use the generated one or generate another new one via another text message.
 

Kagoshima_Luke

Gold Member
Some hacker is now scrolling through our cell phone numbers stored in plain text by Sony and looking a bit like this:

tumblr_lwn7sfqKi51r5fs53o1_500.gif
 
That's exactly what I'm doing.

After step 3, to test that my old password still works, I log out of my account on the device (vita), then try to log back in with my original password instead of the generated one it previously just worked with.

The original password is rejected and it asks me to either use the generated one or generate another new one via another text message.

Your original password will be rejected on console.

If you want to test if your old password still working, test via website (store.playstation.com or account.sonyentertainmentnetwork.com).
 

Tevious

Member
I'm an American living in S. Korea. Can I add my Korean cell number? Or can I use a US VOIP number (internet phone w/ text)? Or should I just use my mother's (US) cell number?
 

PaulLFC

Member
I just tried to set it up - added a mobile number, got a verification code but whenever I submit the code I just get "An error has occurred". Maybe too much traffic right now or something.
 

Cynar

Member
Done. So glad this is finally here. Best feature of all time. I set this up on all my accounts that I'm able to. Worth the extra hassle.
 

perorist

Unconfirmed Member
Yeah but indeed that is how 2FA works. Unless you want to change the concept how 2FA works..lol
No, there's many types of 2FA. Steam's implementation lets you use your password as usual and your phone acts as an authenticator that you only need to use if you sign in on a device for the first time.
 

perorist

Unconfirmed Member
I'm an American living in S. Korea. Can I add my Korean cell number? Or can I use a US VOIP number (internet phone w/ text)? Or should I just use my mother's (US) cell number?
Yeah it should work, I'm in the same situation as you with different phone/account regions. It gives you a list of regions to choose from when registering your phone number.
 

Cynar

Member
That's exactly what I'm doing.

After step 3, to test that my old password still works, I log out of my account on the device (vita), then try to log back in with my original password instead of the generated one it previously just worked with.

The original password is rejected and it asks me to either use the generated one or generate another new one via another text message.
I don't think you understand how this works. Watch this video explaining it by Google.

https://youtu.be/zMabEyrtPRg


Is this for verifying purchases, or for literally any time you turn on your system and it auto signs in?
It's not secure if it's just for purchases... Sooooo
 

joebruin

Member
That's exactly what I'm doing.

After step 3, to test that my old password still works, I log out of my account on the device (vita), then try to log back in with my original password instead of the generated one it previously just worked with.

The original password is rejected and it asks me to either use the generated one or generate another new one via another text message.

I don't think you understand how this works. Watch this video explaining it by Google.

https://youtu.be/zMabEyrtPRg

i think he might have gotten confused because of the wording used when you generate a device password:

"Whenever you sign in after that, you can use your account password as usual"

Just to clarify, you don't log out of the device after you're logged in using the device password. What this line is saying is if, for example you try and modify your account settings through that device and it prompts you to login again you can use your normal password since you've already authorized the device by logging in with the device password.
 
Top Bottom