EA Forums Online Security Newsletter - October

EA_Kuba

Community Manager

16 days ago

Hello and welcome to the 12th (🤯) edition of the Answers HQ Online Security Newsletter!

Can you believe our newsletter has just hit its first anniversary? That's a significant milestone, and we are really grateful for each comment, tip, and experience shared! 🥳

During October, we've celebrated Cybersecurity Awareness Month by publishing four articles filled with tips for your online safety. Most importantly, there were several comments with additional tips from the community. Make sure to check them all out and put the tips into practice!

This month, our Security Focus will be a deep dive into Two-Factor Authentication (TFA). We'll cover crucial aspects to consider and share a few tips for enhancing your online safety.

Additionally you'll learn what in-game benefits enabling TFA gives you in EA games!

As always, participation in the newsletter - whether by commenting in the thread, sharing your tips and experiences, or solving the quiz- will earn you a unique forum badge for your collection.

If you have any feedback or want to design your own additional challenge, make sure to check the Feedback Hub and choose the correct form.

Two Factor Authentication Deep Dive

What is TFA and why do I need it?
TFA is a second layer of defence against account takeover. Even if a bad actor gets your login details, they won’t be able to access your account without a unique number you get via an authenticator app.

Types of TFA

There are several types of Two-Factor Authentication (TFA) available. Authenticator apps, such as Google Authenticator, Steam Guard, and Battle.net Authenticator, are highly recommended because they work offline and are more secure than text messages or email. For those seeking ultra security, hardware keys like YubiKey and Google Titan are available, though they might be overkill for casual gamers, they are a solid choice for competitive gamers or streamers. Lastly, SMS or email authentication can serve as a backup, but they are less secure compared to authenticator apps.

Why use an Authenticator App over SMS/Email?

App-based authentication offers significant security advantages over SMS and email. Unlike SMS, which can be intercepted or fall victim to SIM swapping, app-based codes are generated locally on your device, ensuring they are unique and time-based. This provides a faster and more secure login process, additionally, app codes change every 30 seconds, for additional phishing protection.

Red Flags to watch For
Be cautious if anyone asks to "borrow" your TFA device or requests to disable TFA for "troubleshooting" purposes. Additionally, be wary of suspicious TFA prompts when you're not actively logging in and be cautious of any "emergency" authentication bypasses. These can all be signs of potential security threats.

General Tips for TFA
First, make sure to enable TFA on all your gaming platforms. It's a good idea to use different TFA methods for various services to enhance your security. Always keep your authenticator apps updated, and try to avoid using the same device for both factors, such as a password manager and authenticator on the same phone. Never share your TFA codes, even with "support staff," as real support will only ask for a different verification code. Avoid disabling TFA for convenience and be cautious of fake authenticator apps.

Recovery Methods
Store your backup codes securely and away from your gaming PC. Consider printing them, writing them down, or using the secure notes feature in a password manager.

Your gaming account is only as secure as its weakest link. TFA might seem like an extra step, but it’s worth the few seconds it takes to keep your accounts secure.

What are the EA games benefits of turning on Login Verification?

Gifting in Apex Legends
- If you want to send your friend a gift, you need to have Login Verification on. Check out our FAQ for more details on gifting.

EA SPORTS FC™ Companion App
- To use the Companion App and manage your Ultimate Team™ on the go, your account needs to have Login Verification turned on. Learn how to access the EA SPORTS FC™ 25 Web and Companion Apps.