That too.Also if you used that password anywhere else, update it immediately. Its probably where this "hack" came from.
And absolutely do this too.Also if you used that password anywhere else, update it immediately. Its probably where this "hack" came from.
Do Nintendo Accounts support 2FA?
I know Nintendo accounts support the Google Authenticator, at least. So, do that.Do Nintendo Accounts support 2FA?
Just wondering how they made purchases with your Paypal account since they'd most likely need to log into that as well? Did you share passwords between your Nintendo account and your Paypal account?
Do Nintendo Accounts support 2FA?
Just wondering how they made purchases with your Paypal account since they'd most likely need to log into that as well? Did you share passwords between your Nintendo account and your Paypal account?
My paypal account was linked to the Nintendo one, so I guess they could make payments without going through it? I unlinked it now, also unlinked a bunch of networks and activated 2FA. It's midnight now here in Spain but I hope tomorrow I can get an answerDo Nintendo Accounts support 2FA?
Just wondering how they made purchases with your Paypal account since they'd most likely need to log into that as well? Did you share passwords between your Nintendo account and your Paypal account?
Not too surprising, they're not very vocal about it. IIRC the only place it's mentioned is the account settings when logged into their actual website.Thanks for the replies everyone - I had no idea 2FA was supported (and I enable whenever I can).
Thanks for the replies everyone - I had no idea 2FA was supported (and I enable whenever I can).
How do you do that?You can also adjust it so that you have to enter the 2FA Code before you can enter the Nintendo eShop.
Contact PayPal first of all if they can't cancel them they should be able to sop
Payments being made. Then contact your bank and see if they can cancel they payments.
Once you've done that if you can't recover your nintendo account try contacting there support and letting them know the details.
To be fair, the Google Authenticator can only be installed on an Android or iPhone device, so it's always going to be on your phone. The encryption verification code is literally the same as sending an SMS text to your phone number, but a bit more secure.Nintendo wanted me to use a google Authenticator for 2fa. Why not just a phone number? I hate authenticators
To be fair, the Google Authenticator can only be installed on an Android or iPhone device, so it's always going to be on your phone. The encryption verification code is literally the same as sending an SMS text to your phone number, but a bit more secure.
Unfortunately, sufficiently dedicated jerks out there have figured out ways around SMS-based 2FA (spoofing SIM cards, calling in to phone providers to claim that they're transferring the number to a new phone). Odds are they wouldn't do that for a Nintendo account, but app- and physical-token-based 2FA has an edge on that front.Nintendo wanted me to use a google Authenticator for 2fa. Why not just a phone number? I hate authenticators
There's usually a way to get "backup codes." I take screenshots of all of these and keep them in a separate folder in my Documents folder just in case "my phone breaks."until my phone breaks and its a pain in the ass to decouple it for a new phone.
Google Authenticator codes are compatible with Authy which has a Windows port. Authy also allows you to generate codes on multiple devices which is pretty handy. Google Authenticator only allows a single install so you can get in trouble if you lose your device.To be fair, the Google Authenticator can only be installed on an Android or iPhone device, so it's always going to be on your phone.
My point of view was from the risk of someone being able to spend more money worst case with nintendo is you could contact them about it should they ban the account.This is terrible advice and might get him banned from Nintendo and lose all his digital games etc.
First, contact Nintendo.
Paypal and especially the Bank should be treated as a last resort.
That's why I use authy.until my phone breaks and its a pain in the ass to decouple it for a new phone.
SMS-based 2FA is insecure and should not be used if there is an alternative.Nintendo wanted me to use a google Authenticator for 2fa. Why not just a phone number? I hate authenticators
I believe Authy supports cloud backups which can be transferred to a new device.until my phone breaks and its a pain in the ass to decouple it for a new phone.
Every time you make a purchase, and your default paying method is PayPal, you also have to login to PayPal.My paypal account was linked to the Nintendo one, so I guess they could make payments without going through it?
There's usually a way to get "backup codes." I take screenshots of all of these and keep them in a separate folder in my Documents folder just in case "my phone breaks."
Not really, I can pay through paypal without logging in again.Every time you make a purchase, and your default paying method is PayPal, you also have to login to PayPal.
I must be confusing it with PS4, then. On PSN you have to login every time, and apparently Nintendo should do the same.Not really, I can pay through paypal without logging in again.
Don't really want to reply to a warned post, but these threads are a good reminder for all of us to keep an eye out for this stuff. I in fact like people posting these every so often to remind me.
I must be confusing it with PS4, then. On PSN you have to login every time, and apparently Nintendo should do the same.
Just yesterday I made a purchase with PayPal and it asked me for the login, and it was my default paying method for months.Nah if you linked a Paypal to PSN it also goes trough without login to paypal every time. At least for me
There are other apps that can generate OTP without linking it to a specific device. 1Password has it, and I can generate codes from my phone, watch, laptop, work computer, etc.until my phone breaks and its a pain in the ass to decouple it for a new phone.
Well, there is an open-source OAuth 2.0 app for PC users:until my phone breaks and its a pain in the ass to decouple it for a new phone.
Yeah maybe thats the case, Rarely buy via PC.Just yesterday I made a purchase with PayPal and it asked me for the login, and it was my default paying method for months.
Maybe through the console itself it doesn't require login? I usually buy from the phone/PC.
They're convenient but the least secure 2fa method.I like 2fa that just sends a text to your phone number so that you don't have to worry about back up codes etc
What makes it the least secure? Because someone could steal my phone? My phone number is only one 1 device
Well, it's described in the article I linked in my post:What makes it the least secure? Because someone could steal my phone? My phone number is only one 1 device
Specifically, it leaves you exposed if someone hijacks your smartphone's SIM, a longtime problem that has only gotten worse of late. By stealing your phone number, hackers can redirect any two-factor notifications to their own devices, allowing them much easier entry to your accounts.
This literally just happened to me this morning too. I contacted Nintendo Support through their chat line and they're getting it all sorted out for me over the next couple days. I enabled 2FA on both my Nintendo and PayPal accounts, neither of which I knew supported 2FA previously, and changed both passwords.
SMS isn't secure. It's only encrypted part of the way and the encryption it does use is considered broken. And phone numbers can be transferred to another SIM surprisingly easily.What makes it the least secure? Because someone could steal my phone? My phone number is only one 1 device