Guide to Account Security

From Final Fantasy XIV Online Wiki
Revision as of 04:09, 10 March 2024 by Feronar (talk | contribs)
Jump to navigation Jump to search

Introduction

It is very important to keep your FFXIV account secure. Failure to do so may result in unauthorized access to your account, resulting in loss of gil or items, or even get you banned.

Use a strong, unique password

Follow proper password security guidelines, including:

  • Use a combination of upper and lowercase letters, numbers, and symbols.
  • The longer, the better. 12 characters should be the bare minimum. Password cracking difficulty increases exponentially with each additional character.
    • A 7 character password can be cracked in less than a second with modern hardware, whereas a strong 18 character password would take literally billions of years to brute force.
  • Avoid common words in your password. These increase the password's vulnerability to a "dictionary attack".
  • Do not use the name of a person, character, product, or organization.
  • Do not use the same password you use for any other service.

Enable two-factor authentication for your account

This adds an additional layer of security to your account. When activated, logging in will require an additional password that changes each time it is used. The password is shown with a mobile app or a physical token you can purchase. A guide may be found here.

Keep your computer and internet connection secure

Beware of phishing scams

Do not share your account details with anyone

Do not buy game keys from grey market resellers

Buy only directly from Square-Enix, Steam, PlayStation, or Xbox. Do not buy from "grey market" key resellers, even if you think you may be saving a few dollars/pounds/euros/yen. Keys from these sites are often obtained illegally (Credit card fraud, etc.) or may not actually be valid keys. It is also against the FFXIV TOS.

A scam might work like this:

  1. Bob steals a credit card, buys a bunch of game keys from the official store, and sells the keys on a reseller site to launder the money.
  2. Billy buys a key from the reseller, saving a few dollars. He registers it and for now everything seems to work just fine.
  3. Later, the rightful owner of the card reports the fraud and disputes the charges. The credit card company charges back Square-Enix. Square-Enix then locks all accounts that had the resold keys attached.
  4. Billy has now lost access to his account that he spent thousands of hours on. At best, he will have to pay Square-Enix back the entire amount out of pocket, and have a final warning and permanent black mark against his account. There is also a very strong probability his account will be terminated forever.

To avoid this, buy game or expansion keys only from Square-Enix itself, or from Steam, PlayStation, or Xbox.