Due to excessive account sharing, and issues that have arisen because of that I have had to change it so that 2-Factor Authentication has gone from being a recommendation to being a requirement.

To learn what 2FA/2-Factor Auth is you can read it here: What Is Two-Factor Authentication (2FA)? - Authy

This has been done for the following reasons:
  • Players who have shared accounts get banned because we ban all accounts banned users have access to. This also bans all accounts they try to bypass the server on.
  • Players have their accounts wiped or equipment/shards/diamonds stolen either due to trusting the wrong person, or retaliation for a falling out.
  • Players sharing accounts and being flagged for multiple accounts by someone who tries to bypass account restrictions; depending on the number of accounts it is easier to ban all accounts and deal with individual tickets later.
  • Rare instances of players who have had accounts actually hacked; this has been extremely rare and is a case by case basis of users sharing passwords from past servers or re-using passwords.
    • I have also enabled HaveIBeenPwned and a few other services for checking for compromised accounts, so some people may start getting alerts about this.
The current options set up for 2FA allow for email, app based auth through Authy/Google Authenticator or similar services, or physical security/passkeys such as Yubikey.

Once we release source code, we may look at adding 2FA requirements and device whitelisting to Dragon's Prophet and possibly Dragon Saga.