[FEEDBACK] Verify Sign-in location

[Angeltje]

Currently I'm a bit annoyed, I had to verify my location now for the 3rd time on my home PC, in other words my location is exactly the same.
Somehow my IP address is slightly different every time I try to log onto the website. Which causes this prompt, it is becoming a pain honestly.

Perhaps it can simply have us put the hardware ID and save it that way. That way if our IPs do change the hardware ID is still known.

[DoubleRose]

I get this every time on the same computer that is being used in the same location. 

[Angeltje]

On 2/16/2023 at 10:04 AM, DoubleRose said:

I get this every time on the same computer that is being used in the same location. 

thats exactly my issue, if its not new location it shouldn't ask again and again.

 

well its been almost a month, so i doubt they gonna do anything with this feedback.
This verification happens every single time I login on the website and it makes me not wanna login at all tbh.

 

Okay I'm officially tired of needing to verify the SAME location again and again. Which means I'm less likely to spend money.

[Garnet]

I'm annoyed about it too just so you know

[SSJori]

Lol I have to everytime I log in. 

[Angeltje]

5 hours ago, SSJori said:

Lol I have to everytime I log in. 

Same its why I think this need to change asap.

 

6 hours ago, Garnet said:

I'm annoyed about it too just so you know

So will it be fixed?

[Angeltje]

Welp I emptied my cache yesterday as that was advised and today exact same happening again.
its not a new location, same device/ wired internet.

Edited April 9, 2023 by Angeltje

[GodOfEntity]

Even though there are things that are extremely annoying in life.
That doesn't mean it needs to be gotten rid of.

-The way verification works to ensure your accounts are not compromised, it's important that those tokens are the right tokens on your PC, and not someone that has compromised your computer with a trojin, or the likes. 


Emptying your cache is going to force you to verify again because it's deleting the verification token. 

Verification tokens also tend to have a time expiry to them for security reasons.
(recently, Linus Tech Tips YouTube account was compromised because of verification tokens being compromised on site)
Here's a 14 minute video on basically why it's important those tokens expire.  

Is it annoying that verification has to happen? 
Yes. 
Is it more secure and most likely necessary for the security of your accounts?
Also Yes. 


In other words. This is likely not a bug, just a minor inconvenience. It is working as intended. 
I agree that the language should probably be changed from saying "New sign in location"
-Because that' is not a true statement.
The reality is the token expired or was deleted. 

The 'fix' would simply be to change the wording. 

Edited April 9, 2023 by GodOfEntity

[HLAJR]

I was even locked out of my account for a few days because of this due to having an issue with our email's domain that I cannot receive any email within a few days.

I love the security standpoint on this process but if there is a way that there could be an option instead of via an email like for example a 2FA code since our account have 2FA already activated.

What I am saying is that instead of for the system sending email verification link, it would rather prompt for a code that the player will filled in from their 2FA app. Advantage is to avoid the external layer of sending and receiving email that in an unfortunate time could have an issue just like what happened to mine.
 

Edited April 11, 2023 by HLAJR