syst3mboot

TL;DR: I think they tried hacking me when I had the 2FA enabled but failed. Full story: I've just recently started playing (about a week ago) and kept reading stories about people getting hacked so I enabled 2FA authentication (IP locked, not every sign in), and it all went well. About 2 days later I sign in and it asks for the code again (Odd since my IP address is static[doesnt change], and I didn't change computers. I type in the code, sign in and everything is as it should be, untouched. My theory is that some staff member is selling the account information and someone did try to sign in with the correct username and password but since they couldn't get the code, they couldn't get in. However the correct username password was enough to save in the database the new IP, so when I signed in, the server thought it was a new IP address. Just my theory as a computer programmer. Not sure what else could've triggered the 2FA to pop up again.

--EDIT-- Thanks to Staden from the help-and-support channel on discord, finally figured out the problem. Date and time was not set to auto on the phone so it must've fallen behind/ahead by a little bit. It has to be very accurate for the codes to work apparently. Also thanks to GM Arrows for spending over half an hour with me trying to solve this issue. Problem solved. Disregard thread (unless you're also having problems). ------------ So I've been trying this repeatedly through out the day and still no success enabling it (tried both, IP LOCK and ALWAYS USE, same issue with both). I go through the process and its all great until I have to enter the 6 digit code to enable it, and it says invalid code every time. Step by step what I did. 1. Go to Control Panel on website > Enable 2 factor authentication > Enable IP lock with authenticator. 2. Check email, got the barcode, opened Google Authenticator, add new account, scan barcode. It shows up as "Elysium Project (USERNAME)". 3. I click on link in the email to enable the authenticator (https://elysium-project.org/control/user/2fa/iplock/RANDOMCODE) 4. I enter the current code in Google Authenticator and click submit (before the code gets a chance to change). 5. I get the error that the code did not work, type in the latest code. *Tried and updated google authenticator to latest version, still does the same problem. *Tried to enable 2 factor for every login, not just IP lock, still the same problem. *Tried to manually enter the code from the email into the authenticator. Account Name = email, Key = key. Still no luck. Not sure what to try anymore, and with all the posts on forums about people getting hacked, a little concerned, I just started playing recently so I dont have much to lose but I certainly dont want to end up as one of the people posting "I logged in and Im naked with no money". Cheers!