• Hey, guest user. Hope you're enjoying NeoGAF! Have you considered registering for an account? Come join us and add your take to the daily discourse.

Two Step Verification Is Now Live For US and EU PSN accounts

joebruin

Member
Apr 6, 2016
1,050
0
0
Is it true that it doesn't remember a device/browser on PC and needs a code for every login?
i only had to do it once. although i think it does if you try and update your account settings. which makes sense...

that or maybe people have private browsing turned on?

I will say, how they set up the two-step for Vita/PS3 is weird. Just in case, I'm keeping the password somewhere just in case my Vita wants to fucking forget it.
not sure how its weird. its pretty much identical to how other systems handle it for devices/apps that don't support the verification code system (i.e. Google, Yahoo, Microsoft, etc.)
 

Andvary

Member
Sep 20, 2004
2,283
5
1,445
i only had to do it once. although i think it does if you try and update your account settings. which makes sense...

that or maybe people have private browsing turned on?



not sure how its weird. its pretty much identical to how other systems handle it for devices/apps that don't support the verification code system (i.e. Google, Yahoo, Microsoft, etc.)
I don't know about the Store, but this one asks for the verification code every time.

https://account.sonyentertainmentnetwork.com/login.action
 

EmiPrime

Member
May 16, 2013
10,085
2
405
Finally!

A moment of silence for all the FIFA and Neverwinter scammers who are out of a job.
Good riddance
They'll still have plenty of targets. How many people IRL do you know who don't even use 2FA for their email? Everyone I know either doesn't know it exists, can't be bothered with it or tried it then turned it off because they thought it was a pain in the arse.
 

joebruin

Member
Apr 6, 2016
1,050
0
0
I don't know about the Store, but this one asks for the verification code every time.

https://account.sonyentertainmentnetwork.com/login.action
when i login using that link (if I'm already logged in) it errors out and then sends me a verification code. but afterwards if i just go to any other playstation website i'm still logged in.

i noticed that sony seems to have multiple login pages as some of the urls are different. so maybe they haven't ironed everything out yet.

i restarted my browser and went to the psn store and i was still logged in and could view my account settings and everything
 

SolidSnakeUS

Member
Aug 1, 2013
8,394
1
0
i only had to do it once. although i think it does if you try and update your account settings. which makes sense...

that or maybe people have private browsing turned on?



not sure how its weird. its pretty much identical to how other systems handle it for devices/apps that don't support the verification code system (i.e. Google, Yahoo, Microsoft, etc.)
Well, the idea of having pre-generated passwords for other devices outside of your PS4 is definitely different. Getting the 6 character code to approve of something is normal. The pre-generated password is a bit new to me. I see how it works, but it's definitely different from most others.
 
Jan 22, 2015
339
0
230
Indonesia
Well, the idea of having pre-generated passwords for other devices outside of your PS4 is definitely different. Getting the 6 character code to approve of something is normal. The pre-generated password is a bit new to me. I see how it works, but it's definitely different from most others.
Facebook/Gmail is doing the same for App Passwords.
 

perorist

Unconfirmed Member
May 15, 2012
5,403
0
0
Just set up and activated it for my account. Didn't know they would generate a password that replaced my old sign in password. This is probably actually much safer but I don't like having to depend on a website to retrieve the password to my own account if I need to sign in or re-sign in on a device.
 
Jan 22, 2015
339
0
230
Indonesia
Just set up and activated it for my account. Didn't know they would generate a password that replaced my old sign in password. This is probably actually much safer but I don't like having to depend on a website to retrieve the password to my own account if I need to sign in or re-sign in on a device.
No, your old password is not gone. And that is how 2FA works. Plus you cannot retrieve the password again. You only can write that down or simply revoke the password.
 

Andvary

Member
Sep 20, 2004
2,283
5
1,445
Just set up and activated it for my account. Didn't know they would generate a password that replaced my old sign in password. This is probably actually much safer but I don't like having to depend on a website to retrieve the password to my own account if I need to sign in or re-sign in on a device.
From the website:
For PS3, PS Vita, PSP or some mobile phones, use a device setup password the first time you sign in to Sony Entertainment Network from that specific device. Then whenever you sign in after that, you can use your account password as usual.
I haven't tried but it looks once the device has been authorized you can use your old password to login as usual.
 

joebruin

Member
Apr 6, 2016
1,050
0
0
Just set up and activated it for my account. Didn't know they would generate a password that replaced my old sign in password. This is probably actually much safer but I don't like having to depend on a website to retrieve the password to my own account if I need to sign in or re-sign in on a device.
the instructions say you only need to sign in once as long as you check the appropriate boxes. if you ever need to sign in again you just use your normal account password. its basically a one time use password to verify that you own the device.

there's no option to retrieve what that device password if you didn't write it down. you revoke it and generate a new one.
 

YianGaruga

Banned
Jun 1, 2009
25,236
0
0
Germany
As I understand it a device password is just a roundabout way to authorize legacy devices

Normally:

Request 2FA
Enter code into field specifically for the 2FA code
Device Authorized

device password is just

Request Device PW
Authorize with 2FA on website
Enter Device PW into PW field (instead of specific 2FA code field, as it doesn't have one)
Device Authorized

practically it should give you the same security
 

perorist

Unconfirmed Member
May 15, 2012
5,403
0
0
No, your old password is not gone. And that is how 2FA works. Plus you cannot retrieve the password again. You only can write that down or simply revoke the password.
From the website:

I haven't tried but it looks once the device has been authorized you can use your old password to login as usual.
I read that but it doesn't work for me. After signing in with the generated password, I sign out, then try to sign back in with my original password. When I do this it tells me either my username/password is wrong and I get a text telling me to go to the website and generate a new password for the device.

I've essentially repeated the process 3 times and it still keeps rejecting my old password and making me generate a new one.
 

shotgunbob04

Member
Aug 2, 2014
1,046
0
295
Just set up 2FA on my account through my PS4 on v. 3.55. So you don't need to be running the 4.0 beta. Also chose to have my account signed out on all devices for a fresh start. Feeling a little safer now!
 

toythatkills

Member
Dec 5, 2008
14,337
3
0
Thames Ditton, UK
As I understand it a device password is just a roundabout way to authorize legacy devices

Normally:

Request 2FA
Enter code into field specifically for the 2FA code
Device Authorized

device password is just

Request Device PW
Authorize with 2FA on website
Enter Device PW into PW field (instead of specific 2FA code field, as it doesn't have one)
Device Authorized

practically it should give you the same security
Yeah, considering you'd need to use 2FA to access the page to request a new device password, I can't see any way of someone adding a new device to your account, or making any use of an existing device password you've already got unless they're physically holding your Vita.
 
Jan 22, 2015
339
0
230
Indonesia
I read that but it doesn't work for me. After signing in with the generated password, I sign out, then try to sign back in with my original password. When I do this it tells me either my username/password is wrong and I get a text telling me to go to the website and generate a new password for the device.

I've essentially repeated the process 3 times and it still keeps rejecting my old password and making me generate a new one.
You using the 2FA in a wrong way. The correct:

1) Login via website account.sonyentertainmentnetwork.com with your original password.
2) Setup 2FA. If you already setting up 2FA, generate a device password. Write this down.
3) Your consoles will be logged out when trying to connect. Re-login with your email AND your generated password.
4) Done!
 

perorist

Unconfirmed Member
May 15, 2012
5,403
0
0
You using the 2FA in a wrong way. The correct:

1) Login via website account.sonyentertainmentnetwork.com with your original password.
2) Setup 2FA. If you already setting up 2FA, generate a device password. Write this down.
3) Your consoles will be logged out when trying to connect. Re-login with your email AND your generated password.
4) Done!
That's exactly what I'm doing.

After step 3, to test that my old password still works, I log out of my account on the device (vita), then try to log back in with my original password instead of the generated one it previously just worked with.

The original password is rejected and it asks me to either use the generated one or generate another new one via another text message.
 
Jan 22, 2015
339
0
230
Indonesia
That's exactly what I'm doing.

After step 3, to test that my old password still works, I log out of my account on the device (vita), then try to log back in with my original password instead of the generated one it previously just worked with.

The original password is rejected and it asks me to either use the generated one or generate another new one via another text message.
Your original password will be rejected on console.

If you want to test if your old password still working, test via website (store.playstation.com or account.sonyentertainmentnetwork.com).
 

Tevious

Member
Aug 30, 2011
2,445
106
620
I'm an American living in S. Korea. Can I add my Korean cell number? Or can I use a US VOIP number (internet phone w/ text)? Or should I just use my mother's (US) cell number?
 

PaulLFC

Member
Jun 30, 2010
9,539
2
0
www.twitter.com
I just tried to set it up - added a mobile number, got a verification code but whenever I submit the code I just get "An error has occurred". Maybe too much traffic right now or something.
 

Cynar

Member
Sep 18, 2007
5,935
0
0
Canada
Done. So glad this is finally here. Best feature of all time. I set this up on all my accounts that I'm able to. Worth the extra hassle.
 

perorist

Unconfirmed Member
May 15, 2012
5,403
0
0
Yeah but indeed that is how 2FA works. Unless you want to change the concept how 2FA works..lol
No, there's many types of 2FA. Steam's implementation lets you use your password as usual and your phone acts as an authenticator that you only need to use if you sign in on a device for the first time.
 

cw_sasuke

If all DLC came tied to $13 figurines, I'd consider all DLC to be free
Sep 9, 2006
27,409
2
0
Okay setup 2 step activation - feels good.
 

perorist

Unconfirmed Member
May 15, 2012
5,403
0
0
I'm an American living in S. Korea. Can I add my Korean cell number? Or can I use a US VOIP number (internet phone w/ text)? Or should I just use my mother's (US) cell number?
Yeah it should work, I'm in the same situation as you with different phone/account regions. It gives you a list of regions to choose from when registering your phone number.
 

Cynar

Member
Sep 18, 2007
5,935
0
0
Canada
That's exactly what I'm doing.

After step 3, to test that my old password still works, I log out of my account on the device (vita), then try to log back in with my original password instead of the generated one it previously just worked with.

The original password is rejected and it asks me to either use the generated one or generate another new one via another text message.
I don't think you understand how this works. Watch this video explaining it by Google.

https://youtu.be/zMabEyrtPRg


Is this for verifying purchases, or for literally any time you turn on your system and it auto signs in?
It's not secure if it's just for purchases... Sooooo
 

Mung

Member
Aug 21, 2010
2,143
23
715
Nice, finally. Very reassuring. Out of interest, how long ago did xbox have this feature?
 

joebruin

Member
Apr 6, 2016
1,050
0
0
That's exactly what I'm doing.

After step 3, to test that my old password still works, I log out of my account on the device (vita), then try to log back in with my original password instead of the generated one it previously just worked with.

The original password is rejected and it asks me to either use the generated one or generate another new one via another text message.
I don't think you understand how this works. Watch this video explaining it by Google.

https://youtu.be/zMabEyrtPRg
i think he might have gotten confused because of the wording used when you generate a device password:

"Whenever you sign in after that, you can use your account password as usual"

Just to clarify, you don't log out of the device after you're logged in using the device password. What this line is saying is if, for example you try and modify your account settings through that device and it prompts you to login again you can use your normal password since you've already authorized the device by logging in with the device password.