14 replies to this topic

[arcana75]

Few days ago I got my Twitch Prime account suspended indefinitely. Fired an email to support and basically they are upset with me, but I didn't use my account, so I guess it was hijacked and the hijacker did something terrible. To be fair my password was stupidly easy and a common lazy password. I am upset only that my twitch account is named "arcana75" and I've now lost that.

I got to thinking, if I'm not wrong MWO doesn't have 2FA. Considering the amount of money some players have invested into MWO, shouldn't MWO have 2FA?

[TLBFestus]

I suppose it would be a good idea, but more importantly, "Who would want to steal a MWO account in the first place"?

[N0ni]

It's not like MWO has a trading marketplace dealing with IRL currency, therefore doesn't have two factor or need it. Extra security can't hurt, but the only things that aren't free are c-bill bonus mechs (excluding that one event), cosmetic items and premium--- everything else you can get free with enough time and effort. Why even bother?

*Edit: Sucks you got your twitch prime account suspended, but that'll teach ya to have a:

arcana75, on 13 February 2018 - 03:29 PM, said:

stupidly easy and a common lazy password.

Edited by N0ni, 13 February 2018 - 03:46 PM.

[Zigmund Freud]

Nope. Nope. No thank you. Either make it strictly optional, and in no way of form forced onto the user, or just don't.
I just hate it when any stupid website or application requires your valid mobile phone for registration/functioning, while not having any technical no-way-around reason to do that. I hate the stupid developers who think their customers are complete clinical idiots who can't handle a 6-symbole password and use 'qwerty' as a protection for their 10000$-worth accounts. (no offense, OP)

Edited by Zigmund Freud, 13 February 2018 - 03:54 PM.

[arcana75]

It doesn't have to be compulsory, most services today have it as an option to turn on and off.

TLBFestus, on 13 February 2018 - 03:36 PM, said:

I suppose it would be a good idea, but more importantly, "Who would want to steal a MWO account in the first place"?

The same idiots who TK-grief in MWO Tier 5? Who knows what such people are motivated by.

[N0ni]

arcana75, on 13 February 2018 - 03:59 PM, said:

The same idiots who TK-grief in MWO Tier 5?

But all of those are just throwaway accounts, stealing someone's account just to use it for a day or two before getting banned makes no sense when they can make another in 10 seconds or less.

[arcana75]

N0ni, on 13 February 2018 - 04:01 PM, said:

But all of those are just throwaway accounts, stealing someone's account just to use it for a day or two before getting banned makes no sense when they can make another in 10 seconds or less.

I meant for the sole purpose of griefing eg log in, sell all the mechs, etc... but I digress.

Edited by arcana75, 13 February 2018 - 04:14 PM.

[Humpday]

+1 2Fa...always
#lifehack

[Gamuray]

TLBFestus, on 13 February 2018 - 03:36 PM, said:

I suppose it would be a good idea, but more importantly, "Who would want to steal a MWO account in the first place"?

I mean, if you really dislike someone, maybe you'd try to get into their account, spend everything, change the email address, change their password, just to screw them over..

I wouldn't, but there may be people like that..

[ramp4ge]

What'd they do to get your Twitch account banned?

[arcana75]

ramp4ge, on 14 February 2018 - 12:20 AM, said:

What'd they do to get your Twitch account banned?

I honestly have no idea. I didn't use it for like a month, then one day received an email that my account has been suspended for violation of terms of use. I try to log in and Twitch says the account has been disabled indefinitely for abuse. I write in an appeal and the guy responding to me said this:

Quote

Hello arcana75,
Your account is indefinitely suspended for committing purchase fraud, such as using stolen payment information, abusing Twitch Prime, abusing buyer’s remorse, or abusing chargebacks. We do not unsuspend accounts for this level of abuse.
We reserve the right to suspend your account at our discretion and without notice. Please read our Terms of Service for more information regarding account termination.
There are no appeals for purchase fraud.
This is the last communication you will receive from us regarding this.

Not only was it suspended forever, I could not appeal. Something financial related, and the only thing I could think was related would be the free once a month sub to a streamer from my Amazon Prime account link. Could not even ask them when this happened or to check the login IP address (I'm not in continental USA or Russia or China where most of these hackers come from).

I don't have any personal financial info on my Twitch account like a credit card since it's used for watching only so I don't know how it can even be abused for financial gain or to commit purchase fraud.

The funny thing? I can't re-register as arcana75 but I can re-register using the same email. This time though I turned on 2FA.

Edited by arcana75, 14 February 2018 - 02:04 AM.

[Exilyth]

I'm not using a credit card so I don't know: how much credit card information is visible to a user logging into an account?
That would be some valuable data - literally.

[Zigmund Freud]

Exilyth, on 14 February 2018 - 11:18 AM, said:

I'm not using a credit card so I don't know: how much credit card information is visible to a user logging into an account?
That would be some valuable data - literally.

Pretty sure you buy all real money stuff from the website, where it it protected as any other online transaction like with amazon. In game account you can't get to your bank info or any kind of real money (except MC), so griefing is the only reason i can imagine.

[arcana75]

Exilyth, on 14 February 2018 - 11:18 AM, said:

I'm not using a credit card so I don't know: how much credit card information is visible to a user logging into an account?
That would be some valuable data - literally.

$ purchases are via their online merchant partner Xsolla, so all info is with Xsolla not PGI. However, once you break into a MWO account, and you click on something in the store to purchase, you immediately connect to Xsolla which has your stored credit card info. Unlike Paypay for example, there is no separate Xsolla login and password. You hit checkout and I can't remember if it asks you for the CCD number, but there's no further 2FA on Xsolla's side, eg a 2FA SMS.

Sorry I can't recall and don't want to test with real money of course. Someone who recently made a purchase can confirm this. Will update soon, since the Solaris 7 mech pack is mighty tempting.

Edited by arcana75, 17 February 2018 - 01:16 AM.

[N0ni]

Luckily if you're in the US and buying from PGI/Xsolla you'll probably get auto-declined anyway and either get a call from the bank or have to call the bank saying this transaction is ocean king.

There's an option to either save information for later or if you accidentally didn't uncheck that, you can go in and delete it. Still have to put in the 3 digit thing either way.