0
After last night's patch, a lot of users were curious as to why they weren't prompted to enter their authentication code before logging in to Guild Wars 2. Mike Lewis was there to let people know that they implemented their "remember this network" feature last night and that if you had already selected it before it was in place, it would automatically use that setting:
Quote
Hi all,
First and foremost: please be aware that your accounts are still protected by the mobile authenticator at this time.
Here’s what has happened:
This is the result of an oversight on my part and I’d like to apologize for any uncertainty and worry. We’ve double checked the systems and authentication is working correctly for unverified logins.
Unlinking the authenticator was temporarily disabled due to a configuration accident; this has been corrected and should work again.
For the moment we do not have a user interface for editing your “remembered” network locations. As a result, please be very cautious when selecting to allow new locations from the emails (or, in the near future, from the mobile authenticator login screen).
Thanks for bearing with us while we get the rest of the mobile authenticator features ready to go. [Source]
First and foremost: please be aware that your accounts are still protected by the mobile authenticator at this time.
Here’s what has happened:
- We have been developing a “remember this network” feature for the mobile authenticator in line with the same feature used by email authentication
- This feature became active tonight during the planned maintenance updates
- For any account which has already selected to remember a network, the mobile authenticator will respect your existing settings
- This means that if you are logging in from a location that you permitted via email authentication, the mobile authenticator will not currently prompt you for a secondary code
This is the result of an oversight on my part and I’d like to apologize for any uncertainty and worry. We’ve double checked the systems and authentication is working correctly for unverified logins.
Unlinking the authenticator was temporarily disabled due to a configuration accident; this has been corrected and should work again.
For the moment we do not have a user interface for editing your “remembered” network locations. As a result, please be very cautious when selecting to allow new locations from the emails (or, in the near future, from the mobile authenticator login screen).
Thanks for bearing with us while we get the rest of the mobile authenticator features ready to go. [Source]
Comments
#1 Goroke
Pale Tree Seedling
Posted 06 November 2012 - 08:58 PM
#2 Union
Asuran Acolyte
Posted 06 November 2012 - 09:17 PM
#3 Tr3LoS
Fahrar Cub
Posted 07 November 2012 - 02:41 AM
Thumbs up!
#4 wetwillyhip
Asuran Acolyte
Posted 07 November 2012 - 07:08 AM
#5 _Sorel
Pale Tree Seedling
Posted 07 November 2012 - 07:22 AM
this might be how your ISP setup your internet connection. especially if you have a dynamic ip address from your DHCP server. you would be getting a new IP address everytime your router resets or when the old one expires. this causes the authenticator to detect your new ip address as a different location and would prompt you will security options.
#6 Righteous
Sylvari Specialist
Posted 07 November 2012 - 01:42 PM
This is not two-factor authentication. It's 1.05-factor authentication.
They should NOT have dumbed this down because some people don't really take security seriously, and are too lazy to enter the mobile authentication code every time. Those kind of people should stick to email-authentication-on-a-change-of-location instead.
Or if they really felt they had to dumb it down this way, they should have built the UI for editing remembered locations (and put it in place) FIRST, so that those of us who want maximum security can kill all saved locations, and receive the mobile authentication prompt every time.
#7 Tzu Qui Jinn
Golem Rider
Posted 07 November 2012 - 03:38 PM
#8 Righteous
Sylvari Specialist
Posted 07 November 2012 - 04:27 PM
You shouldn't be giving away 1/3 of your login details every time you post your character name in public, and people shouldn't get 1/3 of your login details just by seeing you in game.
They only did that in GW1 because they had to do something to stop thieves who were glitching into other people's NCsoft master accounts - from there the thieves could see your email address for GW1 login, and set a new GW1 password without knowing the old one. You were shafted, no matter how good your password was, or how safe your internet practices were. Your only protection was blind luck.
So, ArenaNet had to add a login requirement that could not be seen/changed from the NCsoft Master Account. Quickest and easiest was character names. It was a bandaid not a proper solution.
BTW, your email address shouldn't be part of your login security either, but we're stuck with that now
#9 Loperdos
Vanguard Scout
Posted 09 November 2012 - 03:15 PM
snip.
Or if they really felt they had to dumb it down this way, they should have built the UI for editing remembered locations (and put it in place) FIRST, so that those of us who want maximum security can kill all saved locations, and receive the mobile authentication prompt every time.
This.
I really like the idea of having the option to put in the authenticator every time I log in, plus it gives the user more access to security features, including if they make a mistake in remembering a location (IE if they logged in from an internet cafe or something of the sort).
#10 prince vingador
Vanguard Scout
Posted 09 November 2012 - 04:18 PM
#11 Khalija
Leaf on the Wind
Posted 09 November 2012 - 08:22 PM
https://forum-en.gui...-Authentication
Feel free to PM me if you have a question regarding moderation, want to leave some feedback, or just want to chat!
#12 Righteous
Sylvari Specialist
Posted 10 November 2012 - 12:35 PM
But you don't have to have a smartphone:
-You can use a USB key instead eg. YubiKey
-Or a Windows application, gauth4win - although you need to be careful with that (gauth4win stores your secret key in plain text, in the Windows registry of the PC you run it on)
#13 Righteous
Sylvari Specialist
Posted 04 February 2013 - 03:03 PM
Those of us who take our account security seriously... can now remove all Remembered networks, and have TRUE 2-factor authentication (authentication prompt at every login).
And those who don't take their security seriously, still have the option to remember networks - and only get the authentication prompt when someone attempts login from a network/location that is sufficiently "new".
Everybody wins.