4 button solo buzzkill brought me here. At least I know it's not that I'm doing something wrong.

Agreed. Incidentally, requiring a facebook or twitter account for any type of service is an automatic deal breaker for me. Have actually not used products because of this 'everything has to be connected' philosophy. When I play SWTOR, just want to launch, log, and go. It's a farily 'low security' priority for me, and like you say, my online banking is easier than the current OTP implementation. If they can reduce the OTP to like once a month or find some alternative system that does not require extra data input, I'll be ok. But I seriously have enough hassle in my life; to add some more to be able to play a video game (that I mostly enjoy) is going to be hard to swallow.

Obviously, we have different lifestyles. Yes, my cell phone is occasionally an inconvenience and for that reason I don't always carry it with me. I used to be able to say I didn't have a smart phone, but can't anymore. Ultimately, though, it's just inconvenient having to do more than a password. You obviously think that's ridiculous, and that's ok, but I'm not alone in this.

It establishes that the weighting scheme for triggering a OTP is different between launcher and website. This is then supported with the experience of being able to login to the website without OTP generation and then having one generated by trying to login to the launcher. Ask Phillip as you are unable to test this unless you deactivate your authenticator. You think you understand the system based on a partial disclosure of operating parameters and no observational experience because you are not exposed to the OTP. So, your understanding of this system is largely theoretical and does not make full assimilation of disclosed operating parameters. This may seem like I'm making some leaps regarding your understanding, but not near as far as the leaps you making regarding peoples' actual experience with the system.

Same problem as security key. Have to have it on you and input numbers. Not really an alternative; more of a substitute for option 2.

Well, I was hoping there might be a third alternative which would remove both of those barriers. I'm not looking for a lesser of two evils; I'm looking for zero evils.

It's fine if you like it and want it. I never said it was torture, I said it was inconvenient. Just because it approaches my threshold for inconvenience doesn't mean I'm wrong, just different. I'm likely in a minority, but not alone.

One example is listed on the developer explanation: "Deleting cookies in a browser forces a new OTP every time This is specific to using a web browser and our website. The game launcher is not affected by this behaviour." You know, it's ashame that some people are lazy and don't do just a little research as to how this game software works, just like they would with any other software, and read some developer posts about it. But hopefully, directing you to the developer post about this will enhance your understanding of the system. In terms of actual cases of affected users, I'm aware observationally of one case where this is true (myself) and anecdotally of other cases where this is true (forum postings). I"m surprised your extensive analysis of end user experience has produced no examples. How many cases did you analyze again?

It's inconvenient, I don't need it, I don't like it, and until recently I wasn't forced in to alternative two factor authentication schemes. Why would I have used it?

This is a poor solution for those of us who do not want the hassle of two factor authentication. My CE came with a security key, but I have no intention of using it as it is inconvenient. I have multiple systems and don't want to be dependent on having it, or going through the extra excercise of typing in those numbers.

Since you seem unfamilar with how the system works, let me explain. The parameters that are checked for the launcher to generate the one time password are not the same parameters that are checked for a browser to login to the website. Because of this, it is possible to be able to login and post while still being locked out of the launcher login.

Why is there no discussion of an option to opt out of two way authentication? Clearly, some value the extra security. Clearly, some are experiencing frustration with the barriers two way authentication presents in logging into the game. If I were offered the option of having password only login under the 'scary' condition that I would receive no support from customer service if my account was hacked and resulted in the loss of virtual items, I would gladly take it. Two way authentication is a resource burden for SWTOR -- having the option to not use it is a win for the service provider and a win for customer satisfaction.

Seriously, you guys? Go to the customer service forum and search for 'security key'. More than 500 threads pop up. I'm guessing one or two of those are complaints. If you have security problems with your network or system, I think it's great that they give you the option of two-way authentication. For those of us who don't, it would be nice to have the option to remove the nuisance of two-way authentication.

Did they add the option to opt out of two-way authentication for those who do not need/want it (e.g. no security except password)? Because that's the only security option upgrade I think some of us are looking for.