Jump to content

Display Name Only Log In Now Live


AmberGreen

Recommended Posts

Anyone having trouble with their game crashing as soon as its about to hit the character screen? Its bein doin this all morning and im not sure if its happening for anyone else.

 

Yes, mine crashes everytime before the character select screen.

Link to comment
Share on other sites

  • Replies 134
  • Created
  • Last Reply

Top Posters In This Topic

Trying to bring this back onto the topic of new authentication method and problems associated with it (black screens and crashes are being solved elsewhere, really guys).

 

No, they aren't being solved. I haven't even seen an acknowledgement from the devs about the game being completely broken yet again. Right before Makeb as well- seriously, who comes up with these idiotic ideas?

Link to comment
Share on other sites

No, they aren't being solved. I haven't even seen an acknowledgement from the devs about the game being completely broken yet again. Right before Makeb as well- seriously, who comes up with these idiotic ideas?

Ok, not solved, debated, I have seen several advices that helped several people in General Discussion.

However this should be a topic devoted to the new authentication method, not that your client crashes.

Link to comment
Share on other sites

  • Dev Post

For all those posting about the game crash, it looks like I need to be a bit clearer on 'authentication' vs Launcher and Game crashes:

 

If you get to the point where you can click 'Play' in the Launcher, you are past 'logging in' and have moved into loading the game client. The changes we made to authentication (Display Name only, OTP, Self Service) have nothing to do with those game crashes.

 

If you can't get to the point where you can type in your authentication credentials and click the Login button, then you have an issue with the Launcher itself. The changes we made to authentication were back-end changes, and while other pieces were also modified on the 2nd, those weren't to do with the Display Name, OTP and Self Service features.

 

There are other threads (mainly in the Customer Service forum area) about those issues if you have them, and please move questions about the game client issue over there - I won't respond to them as I'm not involved. I do wish I could help, but my expertise is elsewhere.

 

I'm also only answering new questions about authentication that haven't already been answered in this or previous threads. Those threads are:

http://www.swtor.com/community/showthread.php?p=5954106

http://www.swtor.com/community/showthread.php?t=612230

 

But you DID say Subscribers will be getting those pets too, right?

Actually that wasn't me specifically - I think that may be the case, and I hope so, as I too collect the pets. I'm not involved in that side of things though, so don't know for sure.

 

Trying to bring this back onto the topic of new authentication method and problems associated with it (black screens and crashes are being solved elsewhere, really guys). Some reply from Philip_BW or some other responsible "yellow" would be great.

 

It seems that people without security keys and with ISPs that rotate dynamic IPs like crazy are the most affected by this problem.

-

I am assuming that the One Time Password occurs only when the launcher does not recognize your current IP. This creates problem with Dynamic IPs, as mentioned above. If I am mistaken, please discount the suggestion.

-

Given the apparent problems this otherwise great security upgrade caused, are there any plans to maybe make the check for MAC address instead of IP address? If I understand the system correctly, it would solve the problem of launcher not recognizing the current machine, and using One-Time Password would add the current machine to a "verified" list.

The change in IP addresses by certain ISP's is a great inconvenience for those that use those ISP's. We totally understand that. The problem we face is that we have to take into account a lot more than just changing IP addresses, and have to set the level of security around 'all the players'. This means that some (in this case people that use changing IP ISP's) are going to be inconvenienced more than others. We also have to consider what attacks can be run against the system, and ignoring IP and changing to MAC address instead would actually open up quite a few attack vectors which you don't want us to allow. In reality we pay attention to a lot more than just the IP address, but that's a different conversation which I won't go into detail on 'for security reasons'.

 

Authentication is one of the most complex systems we have as we try to balance security with user inconvenience. In the end to have adequate security, some inconvenience is required. Believe me, if we could trust everybody to stick to their own account and just have people log in with an auto-saved username, we would. Reality is that there are a few 'bad' people out there that mean we have to treat authentication seriously. And we do.

 

To alleviate the problem we do have two options on our side:

For subscribers, there is the option to use the Mobile Security Key (and ex-subscribers can continue to use it after they stop subscribing up until they remove the Security Key from their account). This will mean you do not get an email every time your IP changes, and instead have to type in the Mobile Security Key Code.

For all players, there is the option to buy the Physical Security Key to achieve the same thing. Yes, I totally understand the Physical Security Key is currently out of stock in Europe, and we are working diligently with the European Origin Store staff to get that restocked ASAP. I have a tentative date for sometime in the next few weeks, but I'm not going to say exactly when until they confirm that date to the point where I feel comfortable posting it. I do not want to give false hope there!

Link to comment
Share on other sites

Ok, not solved, debated, I have seen several advices that helped several people in General Discussion.

However this should be a topic devoted to the new authentication method, not that your client crashes.

 

Ah so we should be tucked away never to be heard from again.

 

Most of us are sick of EAware breaking the game every time they do an update. I imagine many, like me, don't care if this isn't the right place to post. We want it acknowledged and an emergency patch deployed to correct it. I'm not paying a sub every month for this ****.

Link to comment
Share on other sites

Ah so we should be tucked away never to be heard from again.

 

Most of us are sick of EAware breaking the game every time they do an update. I imagine many, like me, don't care if this isn't the right place to post. We want it acknowledged and an emergency patch deployed to correct it. I'm not paying a sub every month for this ****.

Well pardon me for believeing that if something is organized, you are able to find and solve the problem much quickly.

I never said about tucking you away (so please do not put words in my mouth), just that there are several posts where people are trying to solve this.

If one of these posts would remain active and people writing useful stuff there (not just "waaaah, fix it, I don't care how or what is my computer doing when it crashes") plus occasional bump to keep it on front page, it would be much better to get noticed than in a news sticky that will get automatically pulled down in few days

Link to comment
Share on other sites

Well pardon me for believeing that if something is organized, you are able to find and solve the problem much quickly.

I never said about tucking you away (so please do not put words in my mouth), just that there are several posts where people are trying to solve this.

If one of these posts would remain active and people writing useful stuff there (not just "waaaah, fix it, I don't care how or what is my computer doing when it crashes") plus occasional bump to keep it on front page, it would be much better to get noticed than in a news sticky that will get automatically pulled down in few days

 

"People" should not have to solve the problem. I imagine a lot of people- myself included- are terrible with computers, so having everyone tell us to go elsewhere and find a solution is not acceptable. If a dev stepped up and acknowledged the issue is known and a fix is being worked on as we speak, that would be better than the current situation. Right now, it feels like it's a matter of "fix it yourselves and stop whining"

Link to comment
Share on other sites

The change in IP addresses by certain ISP's is a great inconvenience for those that use those ISP's. We totally understand that. The problem we face is that we have to take into account a lot more than just changing IP addresses, and have to set the level of security around 'all the players'. This means that some (in this case people that use changing IP ISP's) are going to be inconvenienced more than others. We also have to consider what attacks can be run against the system, and ignoring IP and changing to MAC address instead would actually open up quite a few attack vectors which you don't want us to allow. In reality we pay attention to a lot more than just the IP address, but that's a different conversation which I won't go into detail on 'for security reasons'.

 

Authentication is one of the most complex systems we have as we try to balance security with user inconvenience. In the end to have adequate security, some inconvenience is required. Believe me, if we could trust everybody to stick to their own account and just have people log in with an auto-saved username, we would. Reality is that there are a few 'bad' people out there that mean we have to treat authentication seriously. And we do.

 

To alleviate the problem we do have two options on our side:

For subscribers, there is the option to use the Mobile Security Key (and ex-subscribers can continue to use it after they stop subscribing up until they remove the Security Key from their account). This will mean you do not get an email every time your IP changes, and instead have to type in the Mobile Security Key Code.

For all players, there is the option to buy the Physical Security Key to achieve the same thing. Yes, I totally understand the Physical Security Key is currently out of stock in Europe, and we are working diligently with the European Origin Store staff to get that restocked ASAP. I have a tentative date for sometime in the next few weeks, but I'm not going to say exactly when until they confirm that date to the point where I feel comfortable posting it. I do not want to give false hope there!

 

Bring back the security questions system. Whoever wants more security just buy the security key / use app.

 

You are clearly trying to force ppl to buy the security key , (yes they will be restocking off course)

Link to comment
Share on other sites

THIS IS WHAT MADE EVERYTHING ****ED! im logging in and the game crash and goes directly to desktop with no error code or anything.. ive Checkd everything i can think of... directX , G cart, RAM, Prossesor, Heat, HDD , Board , repair, Drivers and more.. *** Edited by vonmats
Link to comment
Share on other sites

The New System is crap and it looks for the one time password every single time i have to log in, I'm sorry Bioware and EA I'm a returning customer who just wants to play a game not try to get into Fort Knox.

 

Please get this sorted ASAP or will be leaving Customer again.

Link to comment
Share on other sites

And I'll just add this in again...

 

Please create a mobile security key for Windows Phone (7/8) so we don't have to carry about the keychain fob thingy.

 

I've yet to add the security key to my account because it's a PITA to carry it around with me, and with the recent changes to how you've set security, I know I'm going to run into issue at some point (changing IP address, wanting to log into the forums away from home, etc.).

 

I asked this once and you responded with a statement equivalent to "there's not enough money in it for us" (your real answer was about the marketshare with Windows phones, but still equates to the same), but you have to realize that if you're giving people options - saying "For subscribers, there is the option to use the Mobile Security Key..." yet you don't actually provide us one, you're doing nothing but causing more of an inconvenience to people that support you.

 

I'd love nothing more than to be able to use the security key, but for some reason you just won't let me. Does it really cost that much (seriously asking because I don't know) to create a mobile app for Win phones?

Edited by Dink
Link to comment
Share on other sites

I usually only read the 1st couple lines when you post Phillip since your post are usually TL;DR and inconsequential to me at least. I feel secure enough. But the line you used 'it looks like I need to be a bit clearer' was nice. I thought it was quite Sithy. :D Edited by Paokzu
Link to comment
Share on other sites

/snip
Thanks for clearing that up for me. I was under the impression that services like Steam use some combination of MAC and IP address to add new connection to some list of "verified" connections, as people say the do not need the Steam's OTP equivalent every time their IP changes.

-

Not really sure how dangerous it is, as I will admit that data security and networking are the parts where my IT education is most lacking, but I am going to assume it is, deferring to your expertise :rak_03:

Link to comment
Share on other sites

I am not bothered with this new login thing except for some reason when I open up the launcher it stays for 3 seconds long enough for me to see "Launcher updating" and then it shuts off and a message box turns up saying "only one application can be open at a time" this has been going on ALL DAY!!! Pray tell what the HELL is going on?? :)

 

I suffer from the same malady - spent an hour on the phone waiting for an answer from customer service. I was told that there are a lot of us having the same problem. Answer - wait until customer service finds out how to fix it. Only problem is...if you can't launch the login, how will you be able to download the patch to fix it? Not a very well thought out update - wonder if I will ever be able to play this game again - looks like I spent my money wastefully on those cartel coins I will never use and that Hutt update I will never be able to play.

Link to comment
Share on other sites

The change in IP addresses by certain ISP's is a great inconvenience for those that use those ISP's. We totally understand that. The problem we face is that we have to take into account a lot more than just changing IP addresses, and have to set the level of security around 'all the players'. This means that some (in this case people that use changing IP ISP's) are going to be inconvenienced more than others. We also have to consider what attacks can be run against the system, and ignoring IP and changing to MAC address instead would actually open up quite a few attack vectors which you don't want us to allow. In reality we pay attention to a lot more than just the IP address, but that's a different conversation which I won't go into detail on 'for security reasons'.

 

Authentication is one of the most complex systems we have as we try to balance security with user inconvenience. In the end to have adequate security, some inconvenience is required. Believe me, if we could trust everybody to stick to their own account and just have people log in with an auto-saved username, we would. Reality is that there are a few 'bad' people out there that mean we have to treat authentication seriously. And we do.

 

Then how come i have to get that code of yours EVERY time i log out of the forum and want to log back in? I just tried it - and i have the same IP now as i had before i logged out, and even so i still had to get the code. Why?

 

EDIT: And fyi, being forced to spend around 28h per year just login into my email if i wanna make 5 separate posts on your forum each day, thats not an inconvenience - It's insane.

Edited by Twin
Link to comment
Share on other sites

Happy that I've had a security key, but I still find it silly that now everyone knows half of your login info.

 

 

============

 

On a side note, love that spellcheck is finally in the forums.

 

What do you mean everyone will know half your login details, this is just for logging into the game and website, and if anything makes it more secure cause your not spammed constantly by dodgy emails and people trying to hack your email address.

 

From playing WoW many years ago this is a big problem and when they integrated Battle.net is become even more un secure as your email address were all publicly shown and would receive a bombardment of spam.

 

This method is far more secure and i'm glad the security team are on the right track with this. With display name, password and a security key or app this is probably the most secure game i've ever played.

Link to comment
Share on other sites

/snip

For all players, there is the option to buy the Physical Security Key to achieve the same thing. Yes, I totally understand the Physical Security Key is currently out of stock in Europe, and we are working diligently with the European Origin Store staff to get that restocked ASAP. I have a tentative date for sometime in the next few weeks, but I'm not going to say exactly when until they confirm that date to the point where I feel comfortable posting it. I do not want to give false hope there!

 

More Security is good, yes, but for those IP changing people who don't have any kind of Security Key and no option to use the mobile version it is less secure now, because you are forced to login into your mailaccount to log into Swtor.

At home you just have to start you mailing program, hopefully with secure login procedures. A little bit annoying but ok, as long as it is only once per day and not every time like some poor fellow players have to do.

On your computer you yourself have control for the security of the whole machine. But writing in the forums while not at home, playing from a potential unsecure computer of a friend or relative, something many players used to do, now everytime the mailaccount is at risk because you have to log in there via browser with account AND pw in addition to log into swtor.

How is this giving me more security? Mailadress not for login anymore because it is not secure but still forced to use it for login just in another way now and in some cases 'broadcasting' my whole mail login around?

 

Another thing i don't understand is why was the problem with restocking the Physical Security Key not solved before the change was made? I can't imagine that an increased demand for those tokens is really that surprising. Especially as they are out of stock for quite some time now.

If you could just walk into the next shop selling GTCs and stuff to buy that token most players would probably just do that instead of ranting here and yelling to undo the login changes. It would be an easy solution to most of their problems. But it isn't that easy and that's why so many people are annoyed.

Link to comment
Share on other sites

If you could just walk into the next shop selling GTCs and stuff to buy that token most players would probably just do that instead of ranting here and yelling to undo the login changes. It would be an easy solution to most of their problems. But it isn't that easy and that's why so many people are annoyed.

 

That, and because the advertised change was that user ID would replace email address, not that the entire system was to be revamped all at once. As such, it took most users by surprise. Change always takes adjustment, but change for the sake of change doesn't mean it's better.

Edited by -Wes-
Link to comment
Share on other sites

This is absolutely insane!!!, I got an even better one. My origin email is an old email address. my SWTOR is a new email address. All my cartel coin receipts and game updates and forum notifications go to my SWTOR email, but for some reason this new security feature goes to my old Origin email which is long gone. So I dont get the one time (haha) Everytime IP changes code. I have now had to call 4 times and wait 2 hours each time just to log in and receive one time code over the telephone. their IT department, their specialists dont know how to update my email info.... They dont know how to change my email address to the SWTOR address and not my origin email address? ummmm seriously. This is an absolute joke, but i am so glad for security reasons you ask me my security questions, the very same security questions that allowed me to log into the game. Solution? buy a security key, LOl why so you can find some other way to milk me? I love the game, I have been a loyal player since launch, It saddens me to say goodbye but on a good note, atleast I will get more fresh air and exercise, thanks for looking after my health Bioware, thank you for KOTOR and MASS EFFECT and the year and a half of SWTOR, time to move on, Farewell.
Link to comment
Share on other sites

  • Dev Post
Then how come i have to get that code of yours EVERY time i log out of the forum and want to log back in? I just tried it - and i have the same IP now as i had before i logged out, and even so i still had to get the code. Why?

 

EDIT: And fyi, being forced to spend around 28h per year just login into my email if i wanna make 5 separate posts on your forum each day, thats not an inconvenience - It's insane.

I've been looking into this, and while your game authentications (10+ times logged in) are working as expected without you getting prompted for an OTP, you are indeed getting prompted too often when logging on to the website.

 

From what we are seeing in the logs, it appears you are using 'incognito' mode, or disallowing cookies to be saved within the browser. This could be something you have done on purpose to stop being tracked by ad trackers (I do something similar using a NoScript addon in conjunction with a Ghostery addon), or something an addon in your browser is doing for you without you realizing.

 

Either way, stopping cookies from being able to be saved for the SWTOR website will mean that you get prompted every time you open the browser and go to the website.

 

You could use a different browser that hasn't been customized as a test (log in once to create cookie, close browser and go to SWTOR again to see if you get prompted again). I'd be interested in the results.

Link to comment
Share on other sites

From what we are seeing in the logs, it appears you are using 'incognito' mode, or disallowing cookies to be saved within the browser. This could be something you have done on purpose to stop being tracked by ad trackers (I do something similar using a NoScript addon in conjunction with a Ghostery addon), or something an addon in your browser is doing for you without you realizing.

The least you could do here is put an interval (once a day, once a week, whatever) on how often you will be required to use the OTP, given that a lot of people are not willing to (nor should they need to) dial back their client side personal security settings just to accomodate the fact that one website insists on using this particular mechanic (i.e., they will continue to run browser settings that refuse cookies or clear all history, use "InPrivate" browing, or clear all history and cache on exit).

 

None of the websites that I use on a regular basis that have legitimate "sensitive" personal data on me have a problem dealing with the fact that I always set browsers to the most draconian, anonymous, and "incognito" settings. Websites with information that I actually care about like my bank, credit card, loan servicers, and the one I do my taxes on all are able to secure my information without using OTP mechanics or relying on client side cookies to keep state with me.

 

If these companies that deal with the most sensitive personal financial information I have can manage the security of my data adequately without depending on loosened client side settings, then so can you.

Link to comment
Share on other sites

I've been looking into this, and while your game authentications (10+ times logged in) are working as expected without you getting prompted for an OTP, you are indeed getting prompted too often when logging on to the website.

 

From what we are seeing in the logs, it appears you are using 'incognito' mode, or disallowing cookies to be saved within the browser. This could be something you have done on purpose to stop being tracked by ad trackers (I do something similar using a NoScript addon in conjunction with a Ghostery addon), or something an addon in your browser is doing for you without you realizing.

 

Either way, stopping cookies from being able to be saved for the SWTOR website will mean that you get prompted every time you open the browser and go to the website.

 

You could use a different browser that hasn't been customized as a test (log in once to create cookie, close browser and go to SWTOR again to see if you get prompted again). I'd be interested in the results.

 

Yeah, i often use applications that cleans out my cookies etc, as safety measure since im not the only one with access to this computer. I did realise that was the reason for what's happening.

 

So what this means is, either i get prompted every time - or i lower my personal safety measures on my computer? Which is kinda counterproductive since one of the reasons i do this is to prevent others from access to my email...

Link to comment
Share on other sites

So what this means is, either i get prompted every time - or i lower my personal safety measures on my computer? Which is kinda counterproductive since one of the reasons i do this is to prevent others from access to my email...

 

You can also set up exceptions to allow cookies on individual sites. For example, on Firefox, this is under Options -> Privacy -> History, then choose "custom settings for History."

 

It doesn't solve the ISP IP address issue, of course. But, lucky for me, my access device is flaking out and won't connect anyway, so problem solved! :mad:

Link to comment
Share on other sites

You can also set up exceptions to allow cookies on individual sites. For example, on Firefox, this is under Options -> Privacy -> History, then choose "custom settings for History."

Not going to do it; nor should I have to. Other sites can maintain high security without forcing this. So can this one.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.

×
×
  • Create New...