This category is for feedback/ideas related to the Minecraft franchise, not gameplay. No support issues, lists of general ideas, or bug posts please!

← Minecraft (Franchise)
575
Follow

2FA (2 Factor Authentication)

released

With tons of Mojang accounts getting compromised and even sometimes youtubers and staff accounts getting stolen, Mojang should really do something to combat this like adding 2FA using the Google Authenticator app, this will help users know their account is extra secure and lower the amount of compromised accounts.

Avatar
Registered User shared this idea

62 Comments

Post is closed for comments.

Date Votes
Sorted by oldest
  • 5
    Registered User commented
    Comment actions Permalink

    Unfortunately, "three security questions" aren't as secure as being passwordless these days.

    Microsoft 2fa is relatively trivial to set up, it would be a great feature to be able to enable and varying paranoia levels (gaming, vs web portals, vs account changes, etc).

  • 6
    Registered User commented
    Comment actions Permalink

    Please let this happen, my account got hacked yesterday and I had to reset the password to get back in.

    Moron changed my username.

  • 3
    Registered User commented
    Comment actions Permalink

    To be honest, I would expect this to be implemented in most services by now. I'm surprised that a game owned by Microsoft hasn't done this yet.

  • 3
    Registered User commented
    Comment actions Permalink

    Just make users connect there java account to Microsoft. It already has the Microsoft authenticator app and other security features such as confirm login by email. This is why you are unlikely to get compromised in bedrock.

  • 2
    Registered User commented
    Comment actions Permalink

    Excellent idea! This would greatly improve the security of Minecraft accounts. It shouldn't be too difficult to implement either, as there are many APIs available for authenticators such as Google Authenticator.  

  • 3
    Registered User commented
    Comment actions Permalink

    i recently just had my account hacked and banned from hypixel (a server i've never played on before) and my character skin was changed to Venom all done within an hour of walking away from my computer, and hypixel has a strict policy of they'll unban you once for something like this but repeat offenses will end up being perma banned. but it's sucks when all you can do is change your password and pray someone doesn't take your account having a 2FA would be super helpful in protecting the accounts of people like myself from getting wrongfully banned apps like Google authenticator or the Authy app would really help in that field and i dont understand why it is not a thing. please make this an option

  • 3
    Registered User commented
    Comment actions Permalink

    Mojang really needs to add this. My account got hacked and I got banned on Hypixel.

  • 4
    Registered User commented
    Comment actions Permalink

    This would eliminate alt shops. And make a job of a server admin way more easy. Because almost all alts that go on alt shops are stolen. And who want to pay ~$30 USD just to B-Hop on a server for like 10 minutes.

  • 5
    Registered User commented
    Comment actions Permalink

    Someone just tried to compromise my account by brute force password attempts and then by opening a ticket asking support to change the associated email address. I’m very careful to guard my credentials but it doesn’t stop someone from asking support to change the email. Thankfully I was able to email support back and they stopped the change. This needs to happen Microsoft. You have your own MFA product. This is plain inexcusable to not have it in late 2020

  • 2
    Registered User commented
    Comment actions Permalink

    My Minecraft account was hacked recently, and unlike with other types of accounts were I am able to restore it,I do not feel safe. The person who got into my account easily changed the password AND the security questions which shows how useless they are. Add two factor authentication. People has been asking this since 2018 from what I see. I spent 30 dollars to make this account like everyone else. All I'm asking  to have some security so I can play the game I paid for.

    I reiterate, I do not feel safe despite having my account back because the person who used my account bypassed the minimal amount of security protocols.

    At the very least you could allow us to merge/migrate our Mojang accounts with a Microsoft account right now so we can take advantage of the security benefits of a Microsoft account. 

  • 2
    Registered User commented
    Comment actions Permalink

    Vouch. I know this post was from nearly 2 years ago, but I think 2 years later this is even more important.

    I own a somewhat valuable account (minecon cape, given name as username). It has been stolen twice, both of them a year apart. I haven’t even been able to retrieve it, they changed my name so if I don’t get my account back within 7 days I might even lose my username. It means a lot to me.

    I don’t want to lose my account for the 3rd time.
    2 factor authentication would be very helpful with securing my account. Please, I’m really desperate.

  • 2
    Registered User commented
    Comment actions Permalink

    I completely agree, I actually contacted them once and gave them a whole list of things they could do to improve security, and I never heard back! My account was hacked into and the name was changed over a year ago now. After looking into it myself I sent Mojang a list of accounts that I suspected has also been hacked into because of the timing and similarities between the name changes, but nothing was done about it.

    To add onto this idea, there should also be a notification/email that is sent if someone logs in from a new location. The person who got into my account could've used it as long as they wanted and I never would of known if my details weren't changed. This is such a basic feature and a HUGE security flaw!

  • 1
    Registered User commented
    Comment actions Permalink

    why this isn't thing yet? Why are you so dumb that you compromise your players accounts nowadays? Just so stupid and irresponsible from you...

  • 2
    Registered User commented
    Comment actions Permalink

    This should be done by the company responsible for your email and not by Mojang.

  • 2
    Registered User commented
    Comment actions Permalink

    i have heard that many games related accounts get hacked everyday more than 10k and they are all paid games account so its nice that minecraft with microsoft have found a way to secure the accounts so no more accounts get hacked and the fun is not interupted.

  • 1
    Registered User commented
    Comment actions Permalink

    for real tho

  • 1
    Registered User commented
    Comment actions Permalink

    A me oggi è stato rubato l'account e cambiata la password, dovrebbero proprio aggiungere il 2FA

     

  • 1
    Registered User commented
    Comment actions Permalink

    I wish this existed, my account has gotten hacked. The skin keeps getting changed and the person who has took my account hacks on hypixel and got be banned for a year :/

  • 1
    Registered User commented
    Comment actions Permalink

    my minecraft account got hacked 10+ times, i got perma banned from hypixel for cheating(abviously that wasn't me) after sending an appeal the ban got reduced to a month;
    even if you change password it doesn't matter i don't get why they can't add a fucking authentication app for the phone or even connect a phone number.
    today i logged into my account tried to connect to hypixel to find out that i was banned for an YEAR
    this shit needs to be fixed as soon as possible.
    i can't imagine how many people are in my same situation that already quit the game.

     

  • 1
    Registered User commented
    Comment actions Permalink

    Same. I keep finding my mojang account compromised over and over again. This isn't an issue with people getting my info on my side and luckily whoever has gotten into my mojang one has never done anything bad on servers I play. I find my skin fully changed and once my name was changed. 

    My microsoft bedrock version has never been compromised....we need to have a two step on java edition as an extra layer or even just get the accounts merged sooner. 

  • 1
    Registered User commented
    Comment actions Permalink

    2021 and still no 2FA .

    Good to see the Developers taking SECURITY serious!
    but I guess with Every Compromised account it forces some players to buy new ones and guess what

    THEY KEEP MAKING MONEY!!

  • 3
    Registered User commented
    Comment actions Permalink

    Please just use a decent password or something, please?

    I have to deal with 2FA in both my work and past school accounts. It's massively annoying and while it _can_ make things more secure, it also puts a burden on your phone or assorted other second login device. I never have my phone nearby, and _it's_ secured with a password, so 2FA adds sudden and highly frustrating several-minute interruptions just when I'm trying to work on something.

    It's really put me off my desire to work on projects at times, so I hope I can keep the option not to enable it.

  • 2
    Registered User commented
    Comment actions Permalink

    Good Idea

  • 2
    Registered User commented
    Comment actions Permalink

    What if Minecraft would add new animals or monsters? I would like to have like an goblin what do you think?

     

  • 2
    Registered User commented
    Comment actions Permalink

    this is a good idea and all but wouldn't google find a way to buy minecraft?

    I don't want one of me and my friends favorite game being controlled by Google.

  • 1
    Registered User commented
    Comment actions Permalink

    ...I'm not sure if you're joking. We have microtransactions already. I think Google would be an improvement.

  • 1
    Registered User commented
    Comment actions Permalink

    .

  • 4
    Registered User commented
    Comment actions Permalink

    Please make it optional since i only have one phone number, my alternate account will become unplayable if 2FA will be required.

  • 3
    Registered User commented
    Comment actions Permalink

    anche microsoft authenticator

     

  • 2
    Registered User commented
    Comment actions Permalink

    You do know Minecraft uses Microsoft. Right idiot?