Sony adds Two-Factor Authentication to PlayStation Network

Well this is something that should have happend back in 2009 already! O_O How it take this long, what are they doing over there!

 

Who was using this in 2009?

 

I think my cousin will make good use of this, gives away his account to too many people!

 

I don't think people was, but if you remember how PSN got hacked and suddenly they shut down the service to fix it and then only to return with peoples accounts being compromised on the news, then to offer some free games and trial period to playstation plus which they was also starting to promote (Cue Kevin butler and Marcus rivers commercial here) Then maybe you wished they had done this sooner.

 

Great that they are adding the extra security but im not giving any game company or system my mobile number. Stupidity is the source to most "hacks" and im not giving them more infomation about me. I buy PS vouchers to get games, i never give credit card or personal info and i shall continue to do so.

 

2FA makes accounts less secure FYI

 

That's only the mobile authenticator. 2FA via codes to email has been available for ages, I think it was 2011, can't remember exactly, but it's email based steam guard is old.

 

If you're going to say something like that, at least give a valid reason/source.

 

All I have to do is pretend to be you and have your carrier mail me a new sim with your number and request a text for the 2FA, now your probably saying the possibility of that happening is slim to none but the possibility would be non existent without 2FA.

The only way to make 2FA truly work is to buy a burner phone, keep it hidden at a place other than your home and never share the number.

 

And how does that make your account less secure? If this completely moronic thing actually happened, your account is just as secure as it was without 2FA. No more, no less.

 

Because I would not need to know your password I can just request a reset instead. Being on PSN and being able to chat with someone to get basic info out of them through phishing makes things even easier.

 

Finally. I think all major sites should have 2fA. Or some form of other authentication.

 

The only thing that makes you secure is never leaving your payment information on file with them in the first place. In the long run I bet this winds up accidentally locking more people out of their own accounts than stopping hackers.

 

A password reset, to your registered email account, which has it's own, separate security measures. If you have the password to that as well, you probably deserve to get into whoever's account it is you're trying to steal.

Look, you can say that 2FA is dumb. That's fine. It really is. But if you try to make up random scenarios where it's detrimental to account security, you look like an idiot. Getting not only a phone company to give up someone's information, but also Sony (Who, if you only have half of the required authentication, should provide you absolutely zero information. Because that's the whole damn point) and eventually an email provider is ridiculous. Not that it could never happen, but the chances are so remarkably low, you'd have a better chance guessing a password.

 

Why do I get the feeling anything that has to do with Yubico will not work with this?

 

If Sony was smart they would be using an authentication app not text messages. Google Authenticator works really well.

 

Is this possible with the PlayStation 3?

 

I find steam authenticator to be the best working one. Google authenticator sometimes makes duplicate codes and it's annoying.