Welcome to the Rise of Agon Community

Create an account today to engage in discussions and community events on the Rise of Agon forums.

Discussion: Two Factor Authentication

Discussion in 'General Discussion' started by Neilk, Jun 28, 2017.

  1. Neilk

    Neilk Web Development & System Admin
    Staff Member Team Lead

    Joined:
    Aug 25, 2015
    Messages:
    1,337
    Likes Received:
    2,542
    Collapse Signature Expand Signature
    Fengor likes this.
  2. Green Chili

    Green Chili Spellgazer
    Legend

    Joined:
    Jan 4, 2016
    Messages:
    471
    Likes Received:
    460
    Perhaps send an email to everyone with an ROA acct. As we all know, not everyone uses the forums/discord. It is a horrible/largely unreliable way to give all but a portion of the community very important information, such as, account security.

    Another idea: why not send emails to everyone when you make large and or positive changes to the game, such as, drastically improving server performance, or the housing patch. It's basically free and easy advertising to someone that has already shown interest in your product.

    Even if these types of emails only bring 5 accounts a month, seems a win for everyone.

    Edit: kind of like the June newsletter. :sunglasses:
     
    #2 Green Chili, Jun 28, 2017
    Last edited: Jun 28, 2017
  3. Lucan

    Lucan Ghost
    Hero

    Joined:
    Feb 8, 2016
    Messages:
    345
    Likes Received:
    235
    its a good start. now incorporate it into the login screen and it'll be right
     
    Oresmacker likes this.
  4. MWTaylor

    MWTaylor Community Manager
    Staff Member BPG Representative Game Designer

    Joined:
    Sep 12, 2015
    Messages:
    1,320
    Likes Received:
    5,111
    We will be having a monthly newsletter going over what we are working on and what changes have been made, and the next one is coming up here soon. This week we will be presenting our 3-month development road map going over what our focus will be over the coming months as well.
     
    Collapse Signature Expand Signature
    Bim, Green Chili and Ledwulf like this.
  5. The Red King

    The Red King Varangian Warthane
    Loyal Legend

    Joined:
    Aug 10, 2016
    Messages:
    815
    Likes Received:
    857
    Great job on the authenticator but why is it not on the game as well as the website? Also why not just ask for the code when a different IP logs in rather than annoying everyone to do this every time they log in?
     
    Lucan likes this.
  6. Shivs

    Shivs Crypt Guard

    Joined:
    Apr 22, 2017
    Messages:
    185
    Likes Received:
    117
    Perhaps because anyone who had your login details and now wants to get past your two factor would just get into your TS or equivalent, get your IP and spoof it?
     
  7. MerleisAirdburne

    MerleisAirdburne Black Knight
    Supporter

    Joined:
    Apr 15, 2016
    Messages:
    1,126
    Likes Received:
    858
    I was just thinking about this yesterday, glad yall implemented it
     
  8. vehementi

    vehementi Goblin Warlord

    Joined:
    May 5, 2017
    Messages:
    92
    Likes Received:
    54
    Since this 2FA is on the account login and not on the client login, anyone who already is compromised but doesn't know it yet (i.e. attacker is sitting on credentials waiting for your account to get fat) is still vulnerable. Everyone should change their password to something never-before-used, after enabling 2FA.
     
    Lucan and RagnarokDel like this.
  9. RagnarokDel

    RagnarokDel Frostjarl
    Hero

    Joined:
    Nov 7, 2015
    Messages:
    989
    Likes Received:
    663
    Probably because it's more complicated? Hopefully it comes too at some point.
     
    Collapse Signature Expand Signature
  10. streaml1ne

    streaml1ne Windlord
    Loyal Legend

    Joined:
    Nov 9, 2015
    Messages:
    288
    Likes Received:
    213
    First, need this in the game login client asap. Second, can we get the account management page to list past logins to the game and account management page with IP information? This would help people keep tabs on funny business if so inclined.
     
  11. Baraz

    Baraz Skeleton Archer

    Joined:
    Nov 7, 2015
    Messages:
    110
    Likes Received:
    58
    Thank you !
    Even if it is not integrated in the client, it does protect account access (at worst, BPG would have to fix in-game shit after a hack).

    For "laughs", I am still baffled that AV had not protected its client and web site from brute force password attempts! It blows me away: I am a simple unprofessional webmaster, and yet my web sites are protected from brute force... They implemented limits in 2011 after a wave of brute force attacks. Hey, I don't like to shit openly on AV, but that just blows me away.
     
  12. Orworth

    Orworth Goblin Warrior

    Joined:
    May 9, 2017
    Messages:
    35
    Likes Received:
    15
    I still have no idea what this is
     
  13. vehementi

    vehementi Goblin Warlord

    Joined:
    May 5, 2017
    Messages:
    92
    Likes Received:
    54
    Two factor authentication means you need two different things to log in. In this case, it's something you know (your password) as well as something you have (your phone, which has a constantly changing code on it). This way, if someone steals your password only, they can't get into your account - they would also need to steal (and unlock?) your phone. Everyone should enable two-factor authentication on all services it's available on.
     
  14. Oresmacker

    Oresmacker Black Knight
    Supporter

    Joined:
    Aug 30, 2016
    Messages:
    1,457
    Likes Received:
    1,857
    Is this still not actually working? I enabled it from my job and went home and was able to log in with just using my info. When will this actually me implanted into the login lobby?

    Just wanting my account secure :)
     
    #14 Oresmacker, Jul 4, 2017
    Last edited: Jul 6, 2017