​

After numerous user account compromises and security breaches, Sony has finally added 2FA to the its PlayStation Network. It's highly recommended that users take advantage of this extra layer of security for their accounts.

You can do this by going to the Playstation Store on the web, and clicking the following:

Account Settings>Go to the Account Tab and select Security>Scroll down and click on "For 2-Step Verification, please visit this page". You will then be prompted to turn on 2FA and add a mobile phone number. You can also do this from your PS4 by going to Settings>PSN Account Management>Account Information>Security>2-Step Verification.

 

[Sonic Angel Knight]

Well this is something that should have happend back in 2009 already! O_O How it take this long, what are they doing over there!

 

[fischermasamune]

Who was using this in 2009?

 

[Deleted-379826]

I think my cousin will make good use of this, gives away his account to too many people!

 

[Sonic Angel Knight]

Who was using this in 2009?

I don't think people was, but if you remember how PSN got hacked and suddenly they shut down the service to fix it and then only to return with peoples accounts being compromised on the news, then to offer some free games and trial period to playstation plus which they was also starting to promote (Cue Kevin butler and Marcus rivers commercial here) Then maybe you wished they had done this sooner.

 

[Joe88]

I don't think anyone was using things like that in 2009 besides RSA key cards for sensitive work related stuff
even steam only added 2fa a year ago

 

[Terenigma]

Great that they are adding the extra security but im not giving any game company or system my mobile number. Stupidity is the source to most "hacks" and im not giving them more infomation about me. I buy PS vouchers to get games, i never give credit card or personal info and i shall continue to do so.

 

[Xenon Hacks]

2FA makes accounts less secure FYI

 

[Armadillo]

I don't think anyone was using things like that in 2009 besides RSA key cards for sensitive work related stuff
even steam only added 2fa a year ago

That's only the mobile authenticator. 2FA via codes to email has been available for ages, I think it was 2011, can't remember exactly, but it's email based steam guard is old.

 

[Arras]

2FA makes accounts less secure FYI

If you're going to say something like that, at least give a valid reason/source.

 

[Xenon Hacks]

If you're going to say something like that, at least give a valid reason/source.

All I have to do is pretend to be you and have your carrier mail me a new sim with your number and request a text for the 2FA, now your probably saying the possibility of that happening is slim to none but the possibility would be non existent without 2FA.

The only way to make 2FA truly work is to buy a burner phone, keep it hidden at a place other than your home and never share the number.

 

[Townsperson]

All I have to do is pretend to be you and have your carrier mail me a new sim with your number and request a text for the 2FA, now your probably saying the possibility of that happening is slim to none but the possibility would be non existent without 2FA.

And how does that make your account less secure? If this completely moronic thing actually happened, your account is just as secure as it was without 2FA. No more, no less.

 

[Xenon Hacks]

And how does that make your account less secure? If this completely moronic thing actually happened, your account is just as secure as it was without 2FA. No more, no less.

Because I would not need to know your password I can just request a reset instead. Being on PSN and being able to chat with someone to get basic info out of them through phishing makes things even easier.

 

[Deleted User]

Finally. I think all major sites should have 2fA. Or some form of other authentication.

 

[tbb043]

The only thing that makes you secure is never leaving your payment information on file with them in the first place. In the long run I bet this winds up accidentally locking more people out of their own accounts than stopping hackers.

 

[Townsperson]

Because I would not need to know your password I can just request a reset instead. Being on PSN and being able to chat with someone to get basic info out of them through phishing makes things even easier.

A password reset, to your registered email account, which has it's own, separate security measures. If you have the password to that as well, you probably deserve to get into whoever's account it is you're trying to steal.

Look, you can say that 2FA is dumb. That's fine. It really is. But if you try to make up random scenarios where it's detrimental to account security, you look like an idiot. Getting not only a phone company to give up someone's information, but also Sony (Who, if you only have half of the required authentication, should provide you absolutely zero information. Because that's the whole damn point) and eventually an email provider is ridiculous. Not that it could never happen, but the chances are so remarkably low, you'd have a better chance guessing a password.

 

[jimmyleen]

Why do I get the feeling anything that has to do with Yubico will not work with this?

 

[Luckkill4u]

If Sony was smart they would be using an authentication app not text messages. Google Authenticator works really well.

 

[HomebrewJay]

Is this possible with the PlayStation 3?

 

[Deleted User]

If Sony was smart they would be using an authentication app not text messages. Google Authenticator works really well.

I find steam authenticator to be the best working one. Google authenticator sometimes makes duplicate codes and it's annoying.