How can I disable verification code?

[EZOVERDOSE]

I've only been playing this game for a couple days and it's already pissing me off. My IP is different every time I log in. There's virtually nothing in account settings and when I click edit profile it says "You are not allowed to edit this profile."

[Remlnx]

In some other post on this forum they posted an answer from the support. They cant remove it, you cant either, it's for your security, that was the answer.

[Aria Kyu]

As I stated in another post, you will either have to contact your ISP to give you a static IP, or deal with it. You physically can't do anything to work around this issue.

[EZOVERDOSE]

Thanks for the replies. Maybe a dev will see this and forward it to the right department to better their game.

 

Not only is this stupid, it's ridiculous. I use a VPN so my IP can be on like 3500 different ranges in 25 countries. That's millions of IPs. When you enter the verification code it says it adds the IP to a list. I just need to add some ranges to that list. I know the ranges, I just need access to the list. No, I am not disabling my VPN just to play this game. I will probably be uninstalling the game over this issue because it is extremely annoying and tedious and even more so since the email linked to the game is not the email I regularly stay logged in on.

 

Many years ago static IPs were more common than dynamic but now more are dynamic than static. Talking consumers here, not commercial. I don't know why a developer would create an authentication process that is not friendly with a majority demographic. Suggesting people call their ISP to request a static IP just so they don't have to deal with poorly designed authentication for a single game is just plain dumb. A static IP is more of a security risk than dynamic. So obtaining a static IP for the sole purpose of not having to deal with a poorly designed authentication process you open yourself up to be data mined and tracked or port scanned and hacked. Real hackers love people with static IPs. Gives them all the time in the world to get past your security.

 

This entire system needs to be rethought. The authentication process should create a hash value out of your hardware IDs and Windows version and login name or something. There could be a factor of IP included as well but it should be for the entire range at the 2nd or 3rd octet and not a single IP. Maybe even store a session token to reference last login to see if it matches. For that to fail the 'hacker' would have to have identical hardware and OS as you and be in the same town using the same ISP and get physical or remote access to your PC to obtain the session token and have your user name and password. I shouldn't need to explain the odds of that being realistic. About as likely as someone getting your last leased IP and knowing it was yours and having your login info which is the exploitable potential of the current system. Except my theoretical system would only make you enter a verification code if you upgraded hardware or OS or changed ISPs.

[Aria Kyu]

Unfortunately this has been brought up already by another poster. As it currently stands, the IP verification is the only security wall they'll be sticking to as of right now.