Welcome to Obscure Gamers

Join us now to get access to all our features. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, and so, so much more. It's also quick and totally free, so what are you waiting for?

SECURITY ISSUE: Activate 2FA on Nintendo.com now or your account is at risk!

Damien

Please note I'm only OG tech support.
OG Staff
Refugee
Registered
Joined
Jul 26, 2018
Messages
368
Reaction score
1,249
Points
93
AG User Name
Demon
AG Join Date
Aug 11, 2008
Posting here to drive more attention to this major security issue.

It appears somehow Fortnite skids are taking peoples Nintendo.com accounts and stealing ingame money etc. The only way to prevent this is to enable 2FA on Nintendo.com. The breach maybe due to how EpicGames have set their stuff up but we cannot confirm this.

A small reminder, you should enable it here too. Email option while not safest is atleast better than having an account accessed.

@LuigiBlood posted more on twitter regarding this.

 

supersega

2020 Donator
2020 Donator
2019 Donator
Refugee
Registered
Joined
Nov 25, 2019
Messages
55
Reaction score
18
Points
8
AG User Name
supersega
AG Join Date
Jul 25, 2014
And I think with this tweet, the 2FA registration for Nintendo is down... I'm not getting any code to enable it. Dunno if anyone is having the same issue...
 

Nully

2020 Donator
2020 Donator
2019 Donator
Refugee
Registered
Joined
Sep 14, 2019
Messages
110
Reaction score
52
Points
28
AG User Name
lh
AG Join Date
2010
This thread is a waste of time; everyone here already knows to always use 2FA for everything... right? :confused:
 

InsaneNutter

2020 Donator
2020 Donator
2019 Donator
VIP
Refugee
Registered
Joined
May 31, 2019
Messages
14
Reaction score
15
Points
3
Location
Yorkshire, UK
Website
digiex.net
AG User Name
InsaneNutter
AG Join Date
Dec 9, 2010
If you are setting 2FA up for the first time then i'd recommend something a bit more futureproof than Google Authenticator which is often recommended. It's not possible to backup Google Authenticator on Android without root. In theory if you keep your backup 2FA codes somewhere else it shouldn't be too much of an issue to setup a new device, however still a bit of a pain and people seem to loose their backup codes I find.

1Password / LastPass do 2FA well over multiple devices in my opinion. I'm sure others who use 2FA have recommendations about what works for them too.
 

cta

AG Refugee
Refugee
Registered
Joined
Jun 7, 2019
Messages
184
Reaction score
85
Points
28
Google Auth is just using your basic TOTP. There's nothing wrong with TOTP itself, but you really should be able to back up/migrate your tokens, so... simply get another authenticator using the same mechanics (FreeOTP, andOTP, ...) instead.
 

FamilyGuy

2049 Donator
2020 Donator
2019 Donator
Refugee
Registered
Joined
May 31, 2019
Messages
295
Reaction score
298
Points
63
AG User Name
-=FamilyGuy=-
AG Join Date
March 3, 2007
For what it's worth, after a terrible migration from Google Authenticator when changing phone, I'm now using Authy and I'm pretty happy with it.
 

Bad_Ad84

Administrator
Staff member
Administrator
Joined
May 30, 2019
Messages
81
Reaction score
198
Points
33
AG User Name
Bad_Ad84
AG Join Date
26/05/2011
Yeah I use authy too. Google is a pain when changing phone or wiping etc
 

speedyink

AG Refugee
Refugee
Registered
Joined
May 31, 2019
Messages
160
Reaction score
137
Points
43
I'm using andOTP. I just like how small and lightweight the app is, no BS. Light apps are definitely up my alley. Honestly I haven't had to backup or really use it for much other then setting up the websites, but so far seems alright.
 

FamilyGuy

2049 Donator
2020 Donator
2019 Donator
Refugee
Registered
Joined
May 31, 2019
Messages
295
Reaction score
298
Points
63
AG User Name
-=FamilyGuy=-
AG Join Date
March 3, 2007
I'm using andOTP. I just like how small and lightweight the app is, no BS. Light apps are definitely up my alley. Honestly I haven't had to backup or really use it for much other then setting up the websites, but so far seems alright.
Nice to see that there are opensource implementations. I don't know why I couldn't find those when I was looking around. I typically prefer FOSS to proprietary ones. But to be honest I probably won't bother switching unless there's a scandal with Authy or something.
 

Damien

Please note I'm only OG tech support.
OG Staff
Refugee
Registered
Joined
Jul 26, 2018
Messages
368
Reaction score
1,249
Points
93
AG User Name
Demon
AG Join Date
Aug 11, 2008
It's been confirmed roughly 160,000 users have been compromised by this. Seem's Nintendo themeselves were the cause.

More info: https://www.neowin.net/news/nintend...y-accessed-disables-nintendo-network-id-login

As for how many users were affected, Nintendo estimates around 160,000 accounts may have been logged into, granting attackers access to personal information such as gender, birth date, and e-mail address. Payment information is not included in the information that can be accessed, but as mentioned above, it may be usable on the eShop if your Nintendo account password is the same as the NNID password.
 
Top