138627-two-step-verification-removal-no-longer-needs-a-ticket

Content
{| style="width: 100%;"

This is not just a bad decision it is retard-worthy. Now 2 step is just a buff and ceases to be a security feature. How did this get by any manager or leadership in the company. This just proves Carbine fired the wrong people.

Edited October 8, 2015 by Bound4Earth


 * }
 * }

{| style="width: 100%;"

Soooooooo. Normal login: Email+password. 2-step: Email+password+authenticator app. Remove authenticator app code requirement to get rid of authenticator, without adding any other sort of security layer: Normal login = 2-step login. Except 2-step is a slight pain in the a** every 7 days. Like a breeze hitting a sore wound. But obviously, if you just remove the authenticator when people e-mail you, no questions asked, then this step makes perfect sense, as you've already completely screwed over your own system. Which begs the question: Why don't you do what facebook and google does, that 2-step is not an app, but a sms-text code to a phone number. Most people that lose their phone retain their phone number, they've just lost the app. Meaning that they will be able to access the same phone number as before, thus keeping security intact. Or you can just keep the authenticator as it is now, and then for your removal site it will send a text code to your phone number, which is then needed to remove the authenticator on your site. Proper solutions are really, really obvious, and are proverbial low hanging fruits. Go do.


 * }
 * }

{| style="width: 100%;"

As someone who does NOT have a mindset of *cupcake*ing clicking whatever bullshit there is out there, and who keeps their PC clean, I have had attempts made on my WoW account. It's not always the person's fault when their account gets compromised.


 * }
 * }