I do.
Hey BP, Sorry to hear about you losing your account, this is |MaguS|. Was it done by someone you know? Were you sharing your account still?
My email?
I've got a different secure password on that and it's easier to recover if I lose it. Proving your identify to Microsoft can get sorted out.
It's good that you have a unique and secure password on your email. It's your most important account. With access to that, an attacker could simply reset the password to most of your other services. Unfortunately, email can be broken into from anywhere in the world. 2FA should be something you physically carry on you. You *can* use email when places give you the option, but it's the least secure option. Email <<<<<<<<< SMS << App < Physical security key
How can you access the recovery codes? I'm pretty sure when I set it up a few years again I just ignored that part lolEveryone should grab their Recovery Codes after enabling 2FA (anywhere). In case of no phone or other emergency. Don't see it mentioned enough.
You could probably disable it, then enable it again. And this time, pay attention 😆How can you access the recovery codes? I'm pretty sure when I set it up a few years again I just ignored that part lol
Yeah, it's always good to have. I don't think I've needed to use any (maybe one once, for some reason I can't remember) but it's always good to have them around. I have a folder with them all "printed" out as PDFs, and I plan on actually printing them out and stuffing them somewhere too as a backup.Everyone should grab their Recovery Codes after enabling 2FA (anywhere). In case of no phone or other emergency. Don't see it mentioned enough.
That's true so I guess I'll give that a shot 😄You could probably disable it, then enable it again. And this time, pay attention 😆
My condolences OP. Something similar happened to a friend of mine. He got slightly aggressive whilst staying polite and managed to get his account back, after a bunch of phone calls and emails where he had to send them a scan of his ID. There are too many incompetent Sony reps out there, so you have to try several times until someone feels like helping.
They'll be in the security section of your account management.How can you access the recovery codes? I'm pretty sure when I set it up a few years again I just ignored that part lol
Happy for ya! 👏🏾UPDATE: Account is back into my possession! The BBB complaint got their attention immediately. Thanks for your support and glad this thread helped people not need to go through this. I already added 2SV to the account and I'm ready for Death Stranding!
I'm happy you got your account back.UPDATE: Account is back into my possession! The BBB complaint got their attention immediately. Thanks for your support and glad this thread helped people not need to go through this. I already added 2SV to the account and I'm ready for Death Stranding!
UPDATE: Account is back into my possession! The BBB complaint got their attention immediately. Thanks for your support and glad this thread helped people not need to go through this. I already added 2SV to the account and I'm ready for Death Stranding!
But why?I used a fake date of birth back when I signed up so I'd be even more screwed than you OP lol
some people would rather their real birthdate not be used when possibleThat's great news! I've won a few disputes using BBB complaints. It works so well.
But why?
Understandable to a degree, but when signing up for a service where that could be one of the questions in case of account compromise / loss, it seems a less than ideal idea.some people would rather their real birthdate not be used when possible
I wish Sony supported authentication apps instead of SMS, not that hard to get around that if a hacker wanted to...
It doesn't use data. Authy (or google authenticator or whatever other app) uses your device's clock to generate a 2fa code that changes every 30 seconds. You set up a site by scanning a QR code or manually typing in the key.
That's great news! I've won a few disputes using BBB complaints. It works so well.
But why?
I just changed phones a few days ago.I had a few things on google authenticator, changed phones and lost access to the authenticated accounts. Luckily it was just Discord and some other minor site, but I'm terrified of authenticator apps now. If my PSN was on it I'd be screwed.
It's pretty easy to spoof your cellphone number so you receive SMS intended for someone else.Enabled that day one, thankfully. Crazy you need the ps3 number. Trashed mine years ago.. lol
Vulnerable SMS solution?
I just changed phones a few days ago.
You just sign in to those accounts, disable 2FA, then set it up again on the authenticator on the new device.
I just changed phones a few days ago.
You just sign in to those accounts, disable 2FA, then set it up again on the authenticator on the new device.
You misunderstand.If you have 2FA enabled you can't sign in on a new device without the 2FA code. That's literally the reason 2FA exists. If you can simply sign into the account with the password and disable 2FA, then 2FA is entirely pointless.
You misunderstand.
I'm not talking about doing so on a new device, I'm talking about moving your authenticator from one phone to another. Even though you can transfer apps to a new phone or redownload the app on your new phone, none of the accounts that you were using the authenticator app for will migrate. If you still have the old phone or you typically sign in to these accounts on a laptop/PC, you would likely already be signed in, or if not, these would be recognized devices so you won't be prompted (and again, if you do still have the old phone, it's not a problem at all). From there you can manage the accounts and set up 2FA on the authenticator on the new phone.
Even if you lost the old phone or it stops working, and you're asked for verification for these accounts, you just use a backup code that was given to you when you set up the account. Then you can sign in and manage the account as above.
I don't see how this is possible, as far back as at least 2011 on PS3, it was made that signing into your PSN account on a new device required re-entering card information.Similar situation happened to me around PS4 launch, I had my account stolen and my card was charged for hundreds so my Bank called me and I said it wasn't me they charged it back my account got banned and I lost thousands spent in games on ps3 4 and vita, close to 10 years of plus games and trophies. Like how was I supposed to know a chargeback can't be done on psn accounts, someone stole my money and I told my bank it wasn't me. I was fuckin pissed stopped gaming on consoles from 2013 to late 2018 but I'm back on PlayStation I just missed the exclusives and trophy hunting. Fuck Sony and their shitty practices regarding accounts. Everyone should be required to use 2 factor.
I had a few things on google authenticator, changed phones and lost access to the authenticated accounts. Luckily it was just Discord and some other minor site, but I'm terrified of authenticator apps now. If my PSN was on it I'd be screwed.
Actually, come to think of it, one of them was my Nintendo Online account, and I got that one back with a QR code I think, but I'm not 100% confident in them.
I guess that makes sense. I forget everyone isn't an old man like me :P
Spoofing a cellphone number does not work with incoming text or calls. Only outgoing. You either have to intercept the text by hacking the cell tower the phone is connected to or social engineer customer service to allow you to activate a new sim card. Both are too much work for any random person.It's pretty easy to spoof your cellphone number so you receive SMS intended for someone else.
Depending on if you still have the phone you can actually recover those accounts as google auth is honestly so fucking insecure that it leaves your token secret keys unencrypted.I had a few things on google authenticator, changed phones and lost access to the authenticated accounts. Luckily it was just Discord and some other minor site, but I'm terrified of authenticator apps now. If my PSN was on it I'd be screwed.
No, there's a hack you can do with how calls are routed internationally. Basically, you can advertise that the SIM is roaming and networks will just believe it and give you the SMS message. It used to be quite hard but as the hardware has become more widely available it's more feasible for attackers to exploit.Spoofing a cellphone number does not work with incoming text or calls. Only outgoing. You either have to intercept the text by hacking the cell tower the phone is connected to or social engineer customer service to allow you to activate a new sim card. Both are too much work for any random person.