Removing 2FA from account

[Narnian.4856]

My 2FA device has died and I can't turn-off 2FA via the website account control panel.

 

My DigitalOcean account uses the same 2FA device and I've been able to turn it off on the DO control panel without having to use 2FA codes to disable it. But in GW2 you need your 2FA device and enter 2 different 2FA codes... but if you don't have the device you can't enter the codes. This appears to be a flaw in the logic somewhere.

 

 

Just wondering why it's not possible to turn it off from the GW2 account website even if it means via a OTP SMS or email...

 

[Illconceived Was Na.9781]

> @"Narnian.4856" said:

> Just wondering why it's not possible to turn it off from the GW2 account website even if it means via a OTP SMS or email...

 

My guess is that they don't want some hacker who gets your GW2 logon to remove 2FA easily. They'd like a human to verify that you are who you say you are, that you are the owner of the account **before** they allow the protection removed.

 

Two questions:

(1) Did you file a support ticket already (if so, how long have you been waiting? I'm told that less than 24 hours is standard, but your situation might vary)

 

(2) For DigitalOcean, how did they confirm it was you?

 

[Bloodstealer.5978]

If anyone can just simply remove 2FA by let's say a a tick in a box somewhere in your account then what would the point of 2FA be. The whole point of 2FA is to make life harder for hackers to take control of your accunt not gift it to them on a silver plate.

I don't believe you were able to just remove your DO 2FA as easy as you say, if you were then it would be mighty concerning imo.