-
Hello Legends!I'd like to take the opportunity to remind you all of your personal account security.
First and foremost, you should always make use of MFA / 2FA (Multi-Factor Authentication / Two-Factor Authentication) throughout the entire chain.
Be careful when thinking MFA on your EA/Steam account is enough. If your auth code is sent to your e-mail, compromising your email account makes your EA or Steam authentication method completely irrelevant.
Even if your auth code isn't currently sent to your email, remember that there are usually always an alternative recovery authentication method.
With that said, protect your e-mail account too! And if you use Facebook Login... Protect Facebook as well! Last but not least, resist the urge to use the same passwords for all your accounts.
Personally I recommend:
Google Authenticator (Gmail and Other Services, Reddit, Discord) Microsoft Authenticator (if you use a LIVE / Hotmail) Yubico Authentication Device AuthyOther Recommendations:
LastPass 1PasswordHere's how you can determine how targeted your account may be:
Log in to EA.com Go to "My Account" Go to "Your EA Data"Your button will state "Request My EA Data"
After about 20 to 60 minutes (up to 24 hours) your data should be available for download.
Open your .json data file in Notepad++ or any other text-based software. Scroll down to the bottom to look at recent activity.As you can see, multiple login attempts from the US is made to my account.
"Event_Status": "SUCCEEDED" - would mean that someone or me, gained access to my account, and these are the only ones of interest to me from a security standpoint. It does however show you how common this problem is. Account security is important!
Note: This information should be available to EA as well. However. You are solely responsible for any and all activity made on your account. Thus, they are not required to unban your account if it indeed was compromised.
How to Enable 2FA/MFA For EA.com(Thank you
) Log in to your EA account at ea.com by clicking on the profile icon Fill your account info and sign in. Click on the profile icon again once back on the main ea.com page. Then click account settings In the left side menu, click security. From this tab you can set up several types of security. You can do email, text, call, or authenticator app. The best one you can pick will always be an authenticator based app. It is far safer than texting a security code to your phone. You can do this with Google Authenticator or choose another reliable one from your app store. For the purposes of this example, stick with Google.Once you have the authenticator app installed, click continue on the screen EA will have you enter a set of 4 alphanumeric sequences into the authenticator. Once that is saved in Google Authenticator, a set of 6 digits will pop up in the Google Authenticator main screen. Enter these in at EA.com and click save. A set of backup codes will appear. write these down somewhere. You will need them if you forget your password. Virus Protection
I'm not a fan of custom virus protection clients. Windows Defender is probably all you'll ever need. But make sure it's enabled! If you've disabled UAC (User Account Control) because you are bothered by the Windows dialogue when starting a program, re-enable it!! You are potentially elevating all software with administrative rights without it!!
Common sense is your best protection!! Do not log in through random links sent to your email. Be wary that EA Support emails are easy to spoof. If you are sent an email, go to their website directly and log in. Do not use provided links to your account.
Recent Rule ChangesFirst, a boring note: According to our Support Request guidelines, we do not allow posts that can only be answered by the EA / RSPN and thus we ask you to refrain from posting your permanent or temporary bans on our subreddit.
Reddit mods cannot help you. We are not involved with EA or RSPN and are not under any contract or agreement. We are simply fans of the game with ZERO connection to the respective companies. The community cannot unban you or provide correct information about your suspension. The community cannot change anything related to your ban, no matter what caused it.
Artwork/Fan Creation Guidelines
Content captured from modified clients, aka Mods, must be flaired appropriately.
Posting Content from modified clients, or MODS, must be disclosed accordingly using the new flair: Modded. This means that we are not actively going to stop modified content from being posted.
No Calls to Action
This means no posts should attempt to rile up the community to act against an entity, person, country, or organization.
This subreddit is not a place to create an army against anyone. No posts or comments should be made directed towards one or more individuals, their personal opinions, beliefs, current or historical actions. Including general public figures such as Streamers.
Posts criticizing Respawn as a company, EA or Apex Legends are allowed, if they remain civil.
We've clarified that we no longer tolerate any discussions directed towards one or more individuals in an attempt to rile the community or to create an "army" against one. This includes all posts related to "Please ban X". That is all! Thank you! -
Keep in mind- NONE OF THIS MATTERS.
I went through all of these steps and provided ample proof that it wasn't me cheating on my account. Downloaded the EA data, enabled 2FA, none of it mattered and they did not care. Upheld a permaban on an 1,100 hr account with an heirloom after I got hacked and my account was used to boost. They literally do not give a fuck about their playerbase.
ID: hevxsbyID: hex9lk3I was away from my computer for 3 months and come back to my account banned because someone in Asia was hacking on it lol. Was told tough shit.
ID: hexul8pI got banned Sept 23 and I didn't even have electricity at home. They sent me the email at 11:51am, the night before I played ranked no issues
ID: hez2ck9There have been tons of hacks (my season0 account included) using the available security measures from EA.
This means that EA has had a mass data breach of passwords and not releasing it to the public or they're not programming against brute force entries.
ID: hey0fnyYup, similar experience. Got hacked, account banned, changed password and activated 2-step authorization only to get hacked again the next day. Never got any prompt in my email about it. I got my account back though in an odd way of ban lifted but no notification about it anywhere.
If you’re going to give advice to players about account security, then FIRST FIX YOUR OWN FUCKING SECURITY so we don’t have to pay for your incompetence. I could attach a minigun to my account as a security measure and it still wouldn’t make any difference since EA security measures are literally swiss cheese. Never have I have encountered a shittier security in games.
ID: hezwxrfKeep spam contacting them until they do the right thing.
ID: hezy3wiI opened probably 7 or 8 cases, tried messaging hideouts, tried everything. Provided prove that I was camping hours away, provided proof from my job that I was at work, they just don't care. Every time I talk to someone on the phone they understand and can see and seem highly confident I'll get my account back, then I just get some generic email response from some braindead ToS employee telling me they're upholding the ban. The people on the phone have even told me, and I have confirmed through my EA data, that people are STILL trying to hack/access my account.
ID: hf3j1dyThen you did something wrong. If they need like three different passwords to "hack" your account, you are safe - or you have terrible passwords.
2FA doesn't mean shit when all factors have the same password.
Have a strong good password for each service (EA, mail account) Have these really strong password (randomly generated) in a password manager that is locally stored Never enter your credentials on suspicious sites Chance of getting "hacked" are zero then. How do I know that? I never got hacked, because I follow these rulesAlso always remember: Nobody here ever got really "hacked", you aren't important enough for getting "hacked". No real hacker will steal your account to cheat, nobody.
They literally do not give a fuck about their playerbase.
When you have terrible security options thats your problem, not theirs.
ID: hf4n65rAre you aware that hackers are bypassing 2FA and passwords by just calling up EA support on the phone and using social engineering?
ID: heyv3nrno one wants you in the playerbase if you are cheating or boosting. good riddance. yeah yeah i know you "didn't do it" and "was hacked"... yadda yadda
ID: hezjbnjYou just don't know what you're talking about so I'm not going to waste my time arguing with you, you're just straight up wrong
ID: hf0mgbrwhy are you so confident they don't falsely ban people?
they banned me w/ no infractions, rejected my claim saying that i was cheating, and then reversed the ban the next day lol
-
Gracias
-
I've had 2fa enabled for ages. You should enable it everywhere you have an account.
-
So... I take it our accounts aren't safe at all since it's such a common issue that this has to be posted?
-
Downloaded my EA Data yesterday and it seems about 30 different cunts from 3rd world countries are trying to hack my account daily.
-
Thank you for the "no calls to action." I have seen multiple times of someone posting a 20 second clip with no context of them being banned and calling out the devs, then 12 hours later come to find out they are actually a racist piece of shit that was cheating. And every single time this sub falls for it......
ID: heuz3gvMy friend actually did get falsley banned for cheating last week, not that we posted it to this sub. It happens.
ID: hevld79Its sad when it does happen but with so many people playing victim it becomes difficult to believe anyone anymore when so many people jump the gun without all the facts.
ID: hexydnrLike look at the guy above that said he had 2FA, 1100 hours and still got permabanned with 30ish upvote. Not saying that's completely false but ain't trust that chief.
People trust internet too much and sadly this kind of stuff will always happen... Look at the "i got cancer, pray and upvote for me" then OP said he lied for Karma
ID: hey1njkYou can trust it or not, its the truth. I posted about it when it happened hoping the dev's would look at it to try and prove they acted correctly (because they didn't) so they would see I've never cheated. I even got my timecard from my job to prove I couldn't have been cheating LMAO they don't give a shit
ID: hf417mfWell, he technically can be banned with 2FA, if his password for his EA account and second factor are the same.
ID: hexii4bI remember the guy who posted about being banned for saying something like "gibby is gay" and then a dev commented that he was actually banned for the N word
ID: heyvgg4yeah but this is also about people making hate posts and comments against specific developers or former developers. i'm glad this is stopped now.
-
Thanks!
-
Worth noting that Microsoft Authenticator can also sync your accounts to the cloud securely so if you lose your phone it's easy to recover that using your appropriate authentication methods to get back in to your Microsoft account, presumably 2FA through SMS/backup email etc. MS Authenticator can also be used on just about every site that uses that type of 2FA even if they don't explicitly mention it, I use it for like 20+ accounts/sites now.
Also make sure to use your browsers or password manager's dark web scanning function that can report on compromised accounts/passwords that are floating on the dark web. We used to get reports of sites that got hacked but it's so frequent it stopped making the news and those sites often don't bother sending emails that it happened any longer.
-
your welcome
-
I can verify they won't unban you, a friend of mine got hacked and the person who hacked into his account was using cheats and he got banned despite the login not being from his main device which is sad. He tried disputing it with EA to no avail
ID: hewx0v6My account got unbanned. I have no idea how someone got access to it, but they did. I don't think our accounts are safe.
-
Yeah that’s cool and all but my mates and a lot of other people still had their accounts stolen from them even with FA-2 enabled, all they had to do was talk with EA’s crappy customer support chat and they just gave away the details of the account like it was god damn Halloween
Edit: Here’s a pretty recent example
Edit2: Another recent one
ID: hetxdtyI'm not saying your mates didn't get their account compromised but I doubt EA will ever just "give away information like it was god damn Halloween" to an account that isn't authorized to ask for it. Unless you provide proof of this happening, my pov won't change. One or more account(s) must've been compromised in order for that to happen.
Edit after you added link: Yeah, account was compromised before the request to change email was made.
Not defending EA but the account should've been secured from the start, and that's the point of this post.
-
on a similar note - how does one figure out which email was used to play Apex Legends? I do not know my EA login or anything either.
I cannot find this in the settings of Apex Legends anywhere
-
Here's how to turn on 2FA for EA.
Log in to your EA account at ea.com by clicking on the profile icon
Fill your account info and sign in. Click on the profile icon again once back on the main ea.com page. Then click account settings
In the left side menu, click security.
From this tab you can set up several types of security. You can do email, text, call, or authenticator app. The best one you can pick will always be an authenticator based app. It is far safer than texting a security code to your phone. You can do this with Google Authenticator or choose another reliable one from your app store. For the purposes of this example, stick with Google.
Once you have the authenticator app installed, click continue on the screen EA will have you enter a set of 4 alphanumeric sequences into the authenticator.
Once that is saved in Google Authenticator, a set of 6 digits will pop up in the Google Authenticator main screen. Enter these in at EA.com and click save. A set of backup codes will appear. write these down somewhere. You will need them if you forget your password.
ID: heunx30Added to the main post. Thanks for the reminder, of course this should be listed 🙂
-
Authy should be mentioned alongside google auth imo.
ID: heuwzg7I can add it. I just have a harder time recommending products I haven't tried myself 🙂
ID: heux9xjWhile we’re at it, why not also mention password managers? No one takes “don’t reuse passwords” advice seriously because it’s too tedious… I use Bitwarden but there’s a lot of different products to choose from (lastpass, 1password, so on)
-
Anyone else read this and was left thinking “wtf happened to make this post necessary?” Lol
Hate when I miss the juicy stuff
-
When I try to view my data I never get the verification code to my email
-
Please ban X
...
Seems like mods got tired of all the "unjustly banned" or "Person X is a bad dev and should KYS"
-
Fix servers and game.
-
Wow you're like a year late. This issue started in mass at around season 6. So many people have been fucked over now. A lot of the posts by people here including myself just asked people to enable 2fa, should have stickied it then, but i guess better late than never
ID: heyvknxSo many people have been fucked over now.
should have stickied it then, but i guess better late than never
it's common sense to secure your account.
it was common sense before this post was made. it was common sense a year ago. it was common sense 5 years ago.
ID: heyxqqkYou're the type of idiot that was born 5 years ago. Lots of people have older ea accounts than you and they never notified when 2fa became a thing for them. Unlike for example steam accounts that let's you know it's not on.
People have lives and can't spend all their time going to check all their game accounts settings for 2fa. You sound like you don't have much to do but care about your video games, get a life maybe or don't
-
ea developers here?
here's a case for you
the security code to enable authentication is not sent to the mail
other security codes come without problems
I changed my mail, changed my account password, added another mail
the support team could not help me -
fuck all rubbish EA dev, fix the fucking server.
ID: hevg6o6Such inspiring words.
-
2 of my friends got hacked into through origin and the hackers bought the battlepass using the coins they saved up. They didnt want to buy this seasons battlepass because it sucks and ea support said they cant do anything about it. Stay safe everyone.
ID: hetzgbzTurns out ea needs to get battle pass sales up and they are the ones hacking
-
Console accounts are rarely, if ever compromised. You should be OK. Someone more versed in consoles can help you with your remaining questions.
-
I want to do this but I forgot my password and the email and I can’t log in with psn so I don’t know what to do
-
Wasn't no call to action already a rule from before? I remember one of my post being removed for that reason from like 1 1/2 years ago
-
Finally
-
I keep getting a "Cannot interpret QR code" error code in my authy app. 🙁
-
TY so much mate. You are a legend. Finally, someone who talks about problems and show us a solution or prevention. Not many people know how much is important to have a 2FA. Still, it is not perfect, but it is something.
-
Keep in mind- FIX YOUR GAME!
-
Thanks for this, I just turned on 2FA. While looking at my email for a code, I actually found an email from GOG that somebody tried to reset my password there. Lol.
-
Fix The servers instead tbh. Sometimes i Wonder if you even monitor them, probably not
-
I’d agree with this but I mean the origin 2FA bypass is public knowledge and has been leaked a million times over and hasn’t been patched in a year. If someone wants your account bad enough 20 minutes is all it takes lol. If they’re feeling spunky (I did this to my brothers account with no proof I owned it to recover it for him) you can just contact support give them minimal proof you’re the owner and they’ll email change the acc for you
-
They should make it that u get like a charm or something when u enable 2FA on your account so more people will do it.
-
There is an annoying ass glitch that freezes the game when we are about to join and the only to get out of it is to restart the device.
-
2fa notice should come up as pop up in game. Not everyone uses reddit . You already have ability to do this. Devs Ffs please put this message in game. Why is it so hard to figure out.?
-
The post clearly states that moderators here have no affiliation to Respawn or EA. We cannot see your data, we are not developers (at least not on Apex Legends), we are just players like you.
I will say this though, it is not the responsibility of the game developers to remind people to use 2 factor authentication. They are developers, not technical support. 2FA should be enabled on any and every account you use online, if it supports it. You can use any free and secure authenticator to manage 2FA (posted above) or a password manager like 1Password or LastPass to manage all your credentials (passwords and 2FA).
-
I know it's not your responsibility. But it's a basic thing which devs could have done ages ago and avoided so many issues. Devs lurk around here so maybe they see this comment. But thanks to idiots down voting it'll never see light if they day.
-
"doctors please inject me with common sense at birth so i know i have to secure my logins"
-
If that was true then there won't be so many idiots posting here how they lost their account with 100s of dollars.
-
No Calls to Action
This is a good change, cause what I really hate is THIS STREAMER DOES THIS, PLS CANCEL posts or similar. I've seen upraise of these posts on reddit, where people CTA and then take justice into their hands, dox people in the posts and follow their social media in effort to destroy them. I seriously hate this attitude and I am happy this measure is being taken. If you want to listen a good TED talk about it, here:
With that being said, I hope we can still make videos "The amount of cheaters in this game is unbearable" and video of cheaters cheating.
-
Coulda swore you also commented some toxic and crazy annoying stuff in this sub before, who knows, 7+7=14 I guess
-
Tl;dr, looks like this guy’s gonna hack us
引用元:https://www.reddit.com/r/apexlegends/comments/pyfit7/account_security_and_recent_rule_changes/
That's rough man, I just got banned for cheating as well on my pc account about 2 weeks ago after checking my email yesterday and finding out. and I don't even play on pc, mainly console. Figured it's not even worth trying to convince them.