Dev Blog: Security: Different times - Different ways

Ive read it all, and responded to each post.

Go ahead with your F2A SKIN.

I dont think it will make any difference.

Non-Zero Sum Game

Even if 1% more people enable 2FA as a result, itā€™s still a huge statistical win for CCP and for the player-base. A castle is only as strong as itā€™s weakest wall, a community is no different. This is about changing the portions of a pie chart so that higher levels of more focused scrutiny can be placed on the remaining slice of non-2FA pie. You donā€™t need a degree in political science or even behavioral psychology for that matter to see how this would play out.

  1. Both sciences would presume that a rational person would avail themselves to 2FA, which is already available, even without a superficial reward like a SKIN. Yet I havent, though I am rational, and idgaf about a SKIN.

  2. As I stated previously, these hacked/hijacked accounts are not a result of lack of 2FA, but of account sharing. It is very, very hard to hack someones login details, even without 2FA.

  3. That something might provide a 1% benefit, does not mean its worth the effort to produce it.

  4. It is not legit, that CCP would suspect non 2FA accounts of being illegal in their activities, or planning to be so. Whether someone has activated 2FA has no correlation to them being illegal, or planning to be so.

I fail to see why anyone would have an issue with 2FA, afterall if you want to make your accounts more secure why would it be a problem.

As for incentives Ankama give a 5% boost to exp and loot drops for players using it, maybe if CCP offered a 5% speed boost to the skill queue more players would sign up, I know I would, Iā€™m using it for the other game anyway. Nor is it compulsory, itā€™s purely down to the player.

It already exists.
Login to account management, and its right there.
Use it, or not.

Why should those that choose the inconvenience be rewarded?
Surely those that choose it, and those that dont, should be treated equally as clients?

PS: None of this matters anyways. I promise you, almost all of the hacked/hijacked reports are a result of account detail sharing.

The point is that the account with 2FA enabled is less likely to be hacked, thus less likely to cause work for the security-team.

You are also contradicting the devblog about the source of hacked accounts.

Nothing prevents you from activating 2FA.

I am, because they are wrong.

Incentivising people to activate 2FA on their accounts is a bad idea somehow?

Iā€™m gonna believe the professionals over you on this one.

Ive already said go ahead with this silly 2FA SKIN idea.
Good luck.

They are not wrong about the amount of hijacked accounts, they are wrong as to how/why they where hijacked.

Iā€™m telling you, its due to account detail sharing at best, and deliberate account cycling by illegals to avoid bans at worst.

Iā€™ve looked at that before and Iā€™d much prefer a CCP dedicated one rather than the google one. The more reviews I read the more convinced I am that Iā€™ll not be using it.

As for rewards, the ones willing to go an extra step to secure their accounts should reap the benefit.

If as you say the vast majority is account sharing then maybe CCP need to a) track them and give them a bollocking, or b) make 2FA compulsory to bring it to a halt, but not with the google authenticator which generates a code.

So, no way could it be people getting account details from compromised email-accounts so they can RMT the assets for real life gains? Suuuuureā€¦

This is much, much harder and convoluted than you think.

Its so difficult, that it is far more plausible its just a scam on CCP to as to avoid accounts being banned for illegal action, claiming ā€œmy account was hackedā€.

Iā€™m sure there are people who try that too, but Iā€™m not sure itā€™s as large issue as you think. Remember that CCP has access to more information than most people think and it should be pretty easy to catch at least most of those cases.

Honestly, even you must recognize that CCPs track record has been far less than stellar in this regard.

The question you have to ask yourself, is do you think those hijacked accounts are legit hacked, is it a result of account sharing or is it illegals trying to present themselves as innocent.

Wait, there is an actual RMT-market with people selling assets and ISK for real money and you donā€™t think itā€™s plausable enough that some would hack email-accounts en mass to get access to other peopleā€™s game-accounts so they could steal them? Every MMO on the planet suffers from it, but somehow not Eve?

2 Likes

As above. Its very, very difficult and convoluted to do so.

More likely its illegals blaming Yahoo etc data leaks when CCP investigates their account for illegal action.

ā€œIt wasnt me! My account was haxxored!!Ā½ā€

You are very ignorant then. There is a lot of money moving in the RMT-market for games. Some people do find it so lucrative that they do it for a living. Your really should educate yourself in the matter.

Edit: just a guess, but you donā€™t run 2FA on your account either do you? Do you use 2FA on any service you use?

1 Like

One can only hope it will yield good results.

Well, there is the issue that I (or someone else) might feel Iā€™ve jumped through enough ā– ā– ā– ā– ā– ā– ā–  hoops already to play this game & I just canā€™t be arsed to jump through any more?

Not an issue with 2FA per se of course, but still, it is something to consider :slight_smile:

Have you tried telling Hilmar that he shouldnā€™t have fired the rest of your team? :confused:

3 Likes