+ Reply to Thread
Results 1 to 3 of 3

Thread: This much work to reset password?

  1. #1
    Shadowlander
    Join Date
    Feb 2011
    Location
    Washington State
    Posts
    40

    Default This much work to reset password?

    My husband and I are coming back to the game after not playing for a few years. I had no problems resetting my password. My spouse, on the other hand, is having a lot of issues. Rather than just going through a reset algorithm on the website, he had to submit a ticket. After a number of hours, CS responded and asked for a ton of info, some of which doesn't even apply to his account - things like his Glyph tag, which we didn't use when we played.

    They want him to not answer his security questions, but to provide the questions themselves.

    To provide the last 4 digits of the credit card he has on file... did I mention it's been years? 7 years, to be exact.

    PayPal email address on file.... which he doesn't use. What does this have to do with Rift?

    Steam ID... which wasn't used in connection with Rift.

    Creation date of the account. I mean seriously, the exact creation date?

    Order/Transaction IDs.

    *****

    This is a lot of work to reset a password. I get that some basic information needs to be provided. Your name, your address at the time you played, your date of birth, your email address, maybe answer the security questions.

    But really folks, why not just email people back and tell them you aren't interested in people playing Rift?

    And the wait time is ridiculous. First response took 3 hours. He responded. Been waiting 14 hours for a follow up.

  2. #2
    Ascendant forbiddenlake's Avatar
    Join Date
    Jun 2013
    Posts
    5,415

    Default

    Well the alternative is letting someone else get access to his account, or he gets access to someone else's account. Security always has friction, and obviously there was something odd about his account/attempts, or he wouldn't have to go through this.

    PS to any Trion engineers: Please drop the Rift Auth app, and add an industry-standard TOTP flow instead. This way I can use any spec-compliant 2FA app I want, and you don't have to maintain an app.

  3. #3
    Shadowlander
    Join Date
    Feb 2011
    Location
    Washington State
    Posts
    40

    Default

    My issue is not with account security. You can get that by asking some questions that nobody else would have. You already have the email address on file. The address and date of birth, sure. But things like a glyph tag when the account predates using glyph? No. Things like a paypal email address? No.

    Also, I didn't go through this when I reset my password in January. I wasn't asked a ton of completely unrelated questions.

+ Reply to Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts