When I tried to log in today I was asked to verify my account using 2-factor verification. I found this alarming, as I haven’t needed to use the authenticator since installing the game and I logged in just fine yesterday without needing to use it.
Unfortunately, it’s been so long since I used 2-factor verification that I have since had to wipe my phone and install a new ROM on it. I did this without first disabling two-factor verification in my GW2 account, because I didn’t realise I needed to. So today, when the game asked me for it, I had to re-download the Google Authenticator from the Play store, set it up and link it with my Google account as if this was the first time I was using it.
Then, when I finally entered the verification code in the game client, I got
The account name or password you entered is invalid. Please check your information and try again.
I assumed I had been hacked, so I went through to account recovery. However, after several hours of trying to find my original serial code, I can’t find a single trace of it – I don’t even remember if it came in a box or an email (though I’ve asked a few friends who bought the game from the same e-tailer as I did so I’ll hopefully have an answer to that soon).
After a bit of calm reflection though, I realised it’s unlikely that I have been hacked, for the following reasons:
1. if a hacker had accessed my account and changed my password, I would have received an email notifying me of this at the email addressed associated with my GW2 account. You know, the type of emails with “if you did not change your password click here” links. I’ve combed through my account and there’s no such email.
2. Additionally, during log in, I’m first asked for my username and password, and then for the verification code, and only after that am I told that my login details are invalid. I believe if my password had been changed by a hacker and I was entering the wrong one, the client would have stopped me before reaching the 2-factor verification stage, not afterwards. So the invalid info must be the authentication code I entered.
3. if my account had been hacked, surely the first thing a hacker would have done is disable 2-factor verification so they could log in from anywhere?
I’ve therefore concluded that it’s more likely an authenticator issue: I did not unlink the authenticator from my account before I went and wiped my phone. The Google Authenticator needed setting up and associating with my account all over again (scanned the barcode off google’s website and everything), so it counts as a new instance of the authenticator, one which my GW2 account is not associated with!
Since I can’t log into my account without a linked authenticator app, I can’t disable two-factor verification. And since I can’t find my serial code,, I can’t use the “recover your account” option either. So I’m kinda stuck!
My questions for support:
1. Based on the information I provided above, do you believe I have been hacked, or is this a 2-factor verification issue
2. can you disable 2-factor verification from my account for me?
3. can I recover access to my account without my serial code?
Thanks!
