• Hey, guest user. Hope you're enjoying NeoGAF! Have you considered registering for an account? Come join us and add your take to the daily discourse.

Sony rolling out two-factor authentication: AUS+NZL tomorrow, other regions to follow

K

kjacobson

Neo Member
jobrro said:
On the web store under Security in Account it says "For 2-Step Verification, please visit this page.", clicked the link and added the number. Still not allowing activation of 2FA which is to be expected until it rolls out.
Click to expand...

Gotcha, just not showing up in mine yet. I'll just be patient then!
 
Mikey Jr.

Mikey Jr.

Member
I think when it finally goes up in Europe and NA/SA, someone should make a thread. Just so everyone can do it at once.
 
RedAssedApe

RedAssedApe

Banned
AmyS said:
What's GCT ?

A quick google search: GCT is Greenwich Civil Time.

So when can we expect two-factor authentication in NA ?
Click to expand...

lol...GCT (Grace Chen Time) is a joke about how Playstation Store updates seemed to go up arbitrarily without any type of schedule.

Although joking it does kind of fit because we have no idea when NA might be going up :)
 
A

AyaisMUsikWhore

Member
I was so close to coming in the thread to say it's must be BS because the reddit post got deleted but it's true! Happy that other people are getting it! kind of wish the NA got it so I can do mines too. Oh well :(
 
I

interfreak

Member
Set up my AU account with the 2 step verification, works like a charm. :)

Looks like you can set up an AU number for a US account as well, although you can't enable 2 step verification just yet on US accounts.
 
S

steveovig

Member
What happens if you don't have a smart phone? Can non-smart phones receive SMS messages? This is not me being sarcastic, as I really don't know. All I have is an older style cell phone for emergencies.
 
Tainted

Tainted

Member
I've just been spammed around 20 2FA SMS's to my phone...and I havent been trying to login on other devices.

All the sms's have unique codes. Either someone is trying to hack into my account and the 2FA is doing its job or there is a bug in the system :/
 
KaoteK

KaoteK

Member
interfreak said:
Set up my AU account with the 2 step verification, works like a charm. :)

Looks like you can set up an AU number for a US account as well, although you can't enable 2 step verification just yet on US accounts.
Click to expand...

That's the news I've been hoping for, need it as I live in Cambodia which doesn't officially have psn, so I use a US account instead.
 
S

shotgunbob04

Member
Tainted said:
I've just been spammed around 20 2FA SMS's to my phone...and I havent been trying to login on other devices.

All the sms's have unique codes. Either someone is trying to hack into my account and the 2FA is doing its job or there is a bug in the system :/
Click to expand...

This just went live, right? Probably a glitch, yeah.

Can't wait for 2FA to go live everywhere else!
 
Tainted

Tainted

Member
shotgunbob04 said:
This just went live, right? Probably a glitch, yeah.

Can't wait for 2FA to go live everywhere else!
Click to expand...

Most probably

I have now received 40 SMS's from Sony within the space of around 20mins. I have had to switch my phone to silent as it is bugging the hell out of me.

I'm not sure when these SMS's are going to stop. I may need to block the number until this is sorted out. :(
 
T

TyMiles2012

Member
Freaking finally. I'm not a fan of the SMS solution though. Hopefully Sony implements the kind that Google, Origin, Steam and Battle.NET does. The random number generator. Specifically one that gives you a QR code to put in an app like Authenticator for iPhone.
 
alexbull_uk

alexbull_uk

Member
Excellent addition. Hopefully they'll eventually add support for authenticator, but no complaints. This is a step firmly in the right direction.
 
P

PaulLFC

Member
Good to see the Reddit post was accurate and this is live - now to just hope it rolls out to everywhere else soon so I can enable it in the UK.
 
K

killer rin

Member
About fucking time. two-factor should be the minimum these days, especially if you take somebody elses money

TyMiles2012 said:
Freaking finally. I'm not a fan of the SMS solution though. Hopefully Sony implements the kind that Google, Origin, Steam and Battle.NET does. The random number generator. Specifically one that gives you a QR code to put in an app like Authenticator for iPhone.
Click to expand...

Wait, you mean it doesn't use the TOTP standard... FFS Sony.
 
T

Transistor

Banned
TyMiles2012 said:
Freaking finally. I'm not a fan of the SMS solution though. Hopefully Sony implements the kind that Google, Origin, Steam and Battle.NET does. The random number generator. Specifically one that gives you a QR code to put in an app like Authenticator for iPhone.
Click to expand...

Wait, if it doesn't give you a random number, what does it give you?
 
Shpeshal Nick

Shpeshal Nick

aka Collingwood
TyMiles2012 said:
Freaking finally. I'm not a fan of the SMS solution though. Hopefully Sony implements the kind that Google, Origin, Steam and Battle.NET does. The random number generator. Specifically one that gives you a QR code to put in an app like Authenticator for iPhone.
Click to expand...

Microsoft, Ubisoft and even Beam use the code generator too.
 
E

EmiPrime

Member
It looks like they're using the same 2FA method that Dropbox and Paypal use and that Google fall back to. Is this really a problem? Was anyone really expecting an authenticator app as good as Microsoft's?
 
mcz117chief

mcz117chief

Member
Thank God it's not smartphones only. I haven't been able to use steam marketplace and other places because of it, good think Sony is thinking of people who don't have a smartphone.
 
Shpeshal Nick

Shpeshal Nick

aka Collingwood
EmiPrime said:
It looks like they're using the same 2FA method that Dropbox and Paypal use and that Google fall back to. Is this really a problem? Was anyone really expecting an authenticator app as good as Microsoft's?
Click to expand...

On iOS even Microsoft asks you to use Google's authentication app. Which works for multiple services.
 
T

Transistor

Banned
Mithos said:
Well it do, but it sends an SMS with it, you don't open Google Authenticator or Authy etc etc, you get sent an SMS to your phone.
Click to expand...

Oh, OK. I get it. I'm fine with the SMS, in all honesty. I mess with my phone too much to worry about having to restore an authenticator.
 
J

JaseC

gave away the keys to the kingdom.
Pankratous said:
So how is 2FA working for this?

You need to put in a code from a text message or something, as well as your password?
Click to expand...

You log in as you normally would and then input the code you're sent to confirm. It's no different to other 2FA methods.

Edit: Oh, and you do have to input a code if you manually log out and then back in. As expected, it's not simply a one-off system authorisation but rather a confirmation of each manual login attempt.
 
K

Kayant

Member
EmiPrime said:
It looks like they're using the same 2FA method that Dropbox and Paypal use and that Google fall back to. Is this really a problem? Was anyone really expecting an authenticator app as good as Microsoft's?
Click to expand...
To add Paypal as an app method via VIP Access which you can set up following this -
https://www.paypal-community.com/t5/Tips-from-Moderators/PayPal-Security-Key/td-p/433633

Also Dropbox has TOTP

Tbh I personally don't like app based methods like MS's, Blizzard because they don't have additional level of protection through something like a pin before opening the app to approve the login request.

SMS solution is fine but does seem to reduce worldwide availability compared to app based solutions or things like TOTP.
 
Tainted

Tainted

Member
Tainted said:
I've just been spammed around 20 2FA SMS's to my phone...and I havent been trying to login on other devices.

All the sms's have unique codes. Either someone is trying to hack into my account and the 2FA is doing its job or there is a bug in the system :/
Click to expand...

Tainted said:
Most probably

I have now received 40 SMS's from Sony within the space of around 20mins. I have had to switch my phone to silent as it is bugging the hell out of me.

I'm not sure when these SMS's are going to stop. I may need to block the number until this is sorted out. :(
Click to expand...

Hey gaffers...just an update to this. I posted this issue on reddit and the overwhelming response was that someone was trying to hack into my account. It's VERY coincidental that it happened rigth after I renabled 2FA, but anyway..

I logged into my account on the Sony website, changed the password, disabled and re-enabled 2FA and it has stopped the SMS spam

Just in case someone else has this issue, hope this helps

I guess I should feel lucky that 2FA was doing its job :)
 
30yearsofhurt

30yearsofhurt

Member
Pankratous said:
So how is 2FA working for this?

You need to put in a code from a text message or something, as well as your password?
Click to expand...

You add something to your basket and you get an SMS. You input the code and the itme gets added to the basket. For everything you add to the basket.
Then when you get to the checkout you don't have to authorize jack shit.
I think this is a little wonky. Checkout would be better.
 
Tainted

Tainted

Member
30yearsofhurt said:
And maybe you should give Sony a call to tell them that someone may have hacked your account???
Click to expand...

If that as the cause of the SMS spam...then they didnt get into it, as 2FA was preventing them from logging in.

I have checked everything and it all appears to be ok...I'm not sure what calling Sony would achieve ?
 
L

Lima

Member
People are concerned about SMS because sadly it is not viewed as secure anymore. Read this if you want a detailed report as to why published by the National Institue of Standards and Technology.

https://pages.nist.gov/800-63-3/sp800-63b.html

This isn't about losing your phone or someone else being able to access it.

It is about cloning your SIM card without you knowing it. It's another step 'hackers' have taken in social engineering over the last 2 years or so. They will call your mobile provider and acquire a SIM card with your phone number and then you are fucked. T-Mobile recently changed how easy it is to acquire SIM cards after big youtubers and twitch streamers got hacked that way.

It's also why pretty much all banks in Europe offer a hardware generator for online banking. Many of them still offer 2 step via phones but it is not recommended anymore.

It's a start for Sony but they should be working on getting Authenticator app support asap.
 
B

Bishop89

Member
grimmiq said:
There shouldn't be any issues using this as a clean slate, right?

Create a new e-mail address with a password I've never used. Use 2FA on the new e-mail account.
Change my PSN's e-mail account to the new one.
Change PSN account's password to another I've never used. Use 2FA on my PSN account.

I've likely used the same password as my PSN one somewhere and I occasionally get junk mail on my PSN's e-mail address.
Click to expand...

This isn't really necessary right guys?

If im logged in on all my devices, im guessing this goes into gear when someone tries to login with the same credentials on another device, so there's not really any point?

Or would it be best to create a new email just for psn?
 
You must log in or register to reply here.

Similar threads

UK retailer CeX have had a security breach
34
8K
yatesl replied
How Sony Can Improve PSN Account Security
2
83
8K
Justinh replied
Account "Hacks": Why do they happen & What you can do?
2 3
105
24K
ps3ud0 replied
Why gamers complain about their games being taken away |OT| Censorship Controversy Central
|OT| NSFW 26 27 28 29 30
1K
183K
Pantz replied
  • Locked
Diablo III |OT3| Turn On Elective Mode, Get an Authenticator
394 395 396 397 398
20K
1M
Minsc replied
Top Bottom