Dave James – Editor-in-Chief, PCG Hardware
This month I was mainly… I want to play Rogue Trader. I mean, I like Warhammer 40K and I love CRPGs. So what’s stopping me? Mistakes on the day of release and warnings from my brother, in whom he already has his claws. But things are better now and I really should dig into the details before I lose myself in Dragon Age: The Veilguard.
Better to be protected than sorry. This is commonly accepted wisdom about internet safety. And fair enough; so much of our lives are online, and so are some of our most treasured possessions. You know, like our Steam and bank accounts. But for Gabe’s sake, there has to be something better than the increasingly bloated tyranny of two-factor authentication to keep them and us protected.
But before I start complaining, I want to make it clear that I understand. I know Why we have 2FA. I understand that in times of increasing cybersecurity incidents, whether they involve individuals or companies, it is critical to find a way to ensure logins are secure and resilient.
It’s certainly better than the days when we had our mighty Steam Press account stolen from under our noses back in the bad aged days of the depths of the Internet, and it’s better than the strangely flimsy passcode generators I once needed for online banking that invariably crashed. on itself in some pocket oddity, locking me out until I can get a modern one from a physical branch. But really, 2FA just makes me want to cry. Everyone. Single. Day.
My daily routine of logging in and going to work in the morning is so irritating that with each increasingly frustrated tap on the keyboard, I feel like hawthorn twisting under my fingernails. For this reason, Google is the worst offender, a prime candidate for the first 2FA against the wall when the revolution comes.
For reasons so uninteresting that I don’t need to go into them here, I have to log into my Google PC Gamer account every eight hours or so. Fortunately, the invigorating modern dialog at least saves my email address, but as a managed account, Chrome doesn’t want to store my password.
This means that I have to introduce them freshly every time. This alone causes pain that resembles a slightly grazed gonad. It continues and grows. But that’s not the end.
Then I have to verify my own phone login attempt. This usually involves simply opening your phone – using some form of biometric or pattern-based authentication – and then pressing a button on the screen. However, sometimes this is not the case. Sometimes I have to ask my computer to send my phone’s password via SMS because for some reason Google can’t see my phone well enough to send the standard verification notification through it. You will then need to enter them manually in the Google dialog box in the Chrome browser on your computer.
However it ends, that should be the end. This should be me in my Google life, ready to sift through emails about modern tech, weird tech, stock updates, cybersecurity training (hoho), and for some reason, emails about celebrity reality shows.
But no. That’s not it. Because as soon as I log into my email account, it shows up in my inbox for a brief moment before being kicked back to the login screen because it says I’m no longer logged in.
So I have to do it all again. Every day. On any device. Google immediately logs me out and demands that I jump through all the hoops just one more time.
While Brin and Page laugh maniacally in one of the countless mansions.
Then I have to log in to the messenger we apply for team-wide communication, which again requires a well-timed digital dance of email address, password, 2FA hit on the phone, and my own brittle sanity.
Sometimes I just sit in a cauldron of boiling rage, seething silently to myself and struggling to lower my blood pressure for a full ten minutes before I say a single word to anyone. Sometimes I just channel my rage and see how many people on my team I can upset with one little tirade.
I don’t think this is a particularly well way to start the day.
If it was just about my work life, I could probably handle it. I mean, work isn’t supposed to be fun, right? Never mind that I have to apply the Google Authenticator app if I want to post on our social media platforms. Don’t worry that if I finish work a little later, I’ll have to log in again (🤦♂️twice🤦♂️) when it starts kicking me for being too damn busy.
But I also can’t escape when I play. I assure you that Steam is quite solid. Sure, I have to apply a form of 2FA to get into my extremely valuable account the first time, but once I get there, I can be pretty sure that I won’t have to do it again on that particular computer unless something happens. disastrously. I can’t say the same about EA, Ubisoft or Epic.
Remember me. Please remember me. And if you can’t remember me, at least remember the equipment you live in. Unfortunately, no, no matter how many times ✅ this box of amnesia game stores invariably shows up next time with a warm “Oh, nice to meet you, would you like to play a game?”
And so the dance begins again. Find this password in my password manager. Sometimes I might even find out what the hell I named the damn account or what email address I linked it to. Then log in. Then find the password you need etc. etc.
It is relentless and there is no respite these days. But like I said, I understand. When we spend $80-$100 on a fleeting game, we need some form of security code license and when we live so much on the Internet. Two-factor authentication was a intelligent way to better protect businesses and individuals from brute-force attacks on stored data. Yes, even if your password is compromised, you will still be protected behind the 2FA armor.
Due to its success, it has become ubiquitous to the point that each login to any portal, profile or online application will require an additional form of proof of your personal authenticity.
Except it’s… a lot. There has to be a better way, that’s all I really want to say.
I’m absolutely not intelligent enough to know what any other way could be, and I absolutely don’t want to say “AI” because I know someone will throw their hat into the ring. To me, AI login control seems less secure than having a one-size-fits-all password tattooed on your forehead.
Maybe we could all be, you know, nicer to each other? Then people wouldn’t have to steal things on the internet and we could all just share them. It’s nice to be nice. There I solved the issue of internet security in the newfangled world. You’re welcome.