Two-Factor Authentication and more.

Suggestion 1.)
We all know that in this day and age we're constantly exposed to hackers and malicious users over the internet. These users, clearly, have bad intentions and will try to steal your data. I just realized that PoE accounts don't have MFA (multi-factor authentication). The game sends a single use code via e-mail when logging in from a different IP address, which is awesome but what about the website? Or what if they get access to my e-mail as well? It can happen.

A password in itself is far from sufficient these days. I know MFA can also be cracked. Nothing provides 100% protection but it makes the process much harder for hackers, that's for sure. I'd feel a whole lot safer if I had the option to link my phone number to my account and use two-step authentication when logging into the website.

I'm not saying a phone number should be obligatory but it should be there as an option. I don't see why it hasn't been implemented yet, honestly. The reason this thing came through my mind is because a lot of us, the players, spend insane amounts of money on our accounts, quite regularly. Some have even spent over a thousand dollars (thanks for supporting PoE). Imagine losing an account on which you've spent a couple thousands, or hundreds even.

It's just an idea, really.

Suggestion 2.)
The ability to hide user e-mail in the non-Steam version PoE. Live streaming Path of Exile in the non-Steam version of the game exposes user e-mail address at the login screen. It would be cool if we could hide it.

Thanks for reading and have a wonderful day.
Last bumped on Jan 13, 2022, 5:43:02 PM
This thread has been automatically archived. Replies are disabled.
some grands of support money depending on the security of a email account, what could go wrong?
your valid complaints have been brought up plenty of times already.

it obviously never occured to ggg that there are people out there that wont invest big in companies where their investment isn't save.

and they will never know cause those people won't hang it high, i also do not contact any company which investment offers do not suit my prefenrences, i ignore them.

can't believe support still does ask for character names from accounts for verification purposes. i mean it takes people seconds to go to my profile to get those names.

--

on the other hand, there are few complaints. twitch got hacked recently and there wasn't much of a fuss here. valve has security issues on a regular basis and it's not causing much trouble for poe.

and it looks like the better security of mail providers saves ggg some dev time and hassle.

--

what i would like to have isn't 2 factor auth. today my phone had a close call missing the toilet and even if had died, it would just be some pictures that i lost. and there are many people who don't want their government being able to track their movements.

some account token which identifies you would be enough. you could store it on your computer and mail it to ggg on account related issues like having lost access to your email account.
age and treachery will triumph over youth and skill!
Personally, I avoid MFA as much as possible, unless it's for my bank account. I hate unlocking my phone and checking SMS/email/otherApp for a code, every time I try to login.

Were there many cases when someone got his PoE account hacked from another computer? What was the damage? Few exalts and a Headhunter in Standard?

Report Forum Post

Report Account:

Report Type

Additional Info