Jump to content

[FEEDBACK] Verify Sign-in location


Recommended Posts

Currently I'm a bit annoyed, I had to verify my location now for the 3rd time on my home PC, in other words my location is exactly the same.
Somehow my IP address is slightly different every time I try to log onto the website. Which causes this prompt, it is becoming a pain honestly.

Perhaps it can simply have us put the hardware ID and save it that way. That way if our IPs do change the hardware ID is still known.


  • Thanks 2
Link to comment
Share on other sites

On 2/16/2023 at 10:04 AM, DoubleRose said:

I get this every time on the same computer that is being used in the same location. 

thats exactly my issue, if its not new location it shouldn't ask again and again.


well its been almost a month, so i doubt they gonna do anything with this feedback.
This verification happens every single time I login on the website and it makes me not wanna login at all tbh.


Okay I'm officially tired of needing to verify the SAME location again and again. Which means I'm less likely to spend money.

Link to comment
Share on other sites

  • 1 month later...

Even though there are things that are extremely annoying in life.
That doesn't mean it needs to be gotten rid of.

-The way verification works to ensure your accounts are not compromised, it's important that those tokens are the right tokens on your PC, and not someone that has compromised your computer with a trojin, or the likes. 

Emptying your cache is going to force you to verify again because it's deleting the verification token. 

Verification tokens also tend to have a time expiry to them for security reasons.
(recently, Linus Tech Tips YouTube account was compromised because of verification tokens being compromised on site)
Here's a 14 minute video on basically why it's important those tokens expire.  

Is it annoying that verification has to happen? 
Is it more secure and most likely necessary for the security of your accounts?
Also Yes. 

In other words. This is likely not a bug, just a minor inconvenience. It is working as intended. 
I agree that the language should probably be changed from saying "New sign in location"
-Because that' is not a true statement.
The reality is the token expired or was deleted. 

The 'fix' would simply be to change the wording. 

Edited by GodOfEntity
Link to comment
Share on other sites

I was even locked out of my account for a few days because of this due to having an issue with our email's domain that I cannot receive any email within a few days.

I love the security standpoint on this process but if there is a way that there could be an option instead of via an email like for example a 2FA code since our account have 2FA already activated.

What I am saying is that instead of for the system sending email verification link, it would rather prompt for a code that the player will filled in from their 2FA app. Advantage is to avoid the external layer of sending and receiving email that in an unfortunate time could have an issue just like what happened to mine.

Edited by HLAJR
Link to comment
Share on other sites

  • Create New...