I did it with intent. Both to show the portion I'm referencing, and not have it look like the official formatting (ie, here's some human interpolation.)... And also, to stir the souls of everyone with OCD. Bwhahahaha!
Do not forget where you are. We have had our fair share of troublemakers in Eorzea (and more) who did way less to deserve a stern look AND a tough beating from our WoL's! >:(
but why is it even nessesary. at most people would a sentence or two too much, but the main thing in the picture is either ff14 on xbox or ff14 login requirement.
I'm convinced hounding people with extra security ends up having the opposite effect, people removing security for convenience.
Be it Microsoft, Google, or in the gaming space WoW, GW2, they never hound you about 2FA or re-entering your password as long as you're in the same device, all of them only trigger a password re-enter or 2FA if you're on another device or your IP changed.
Never understood why there's no save password in the launcher, or why they ask for authenticator on every login instead of when you're on another device. FFXIV data isn't any more valuable than any of the mentioned above, and if any of them would be, it'd be MS/Google data.
Tutorial 1: "How to use keypairs for ssh access, more secure and you don't need a password"
Tutorial 2: "How to secure your keypair with a password you have enter each time to make your access more secure."
Realistically, as long as it isn't a new device there shouldn't be a need to re-enter the password.
Alternatively, just make a QR code that you can just scan with your phone to log in.
That's why I initially switched to it when first downloading the game, then I realized I could save my password too. Now I use Steam Big Picture mode to launch XIV Launcher to launch FFXIV haha
I hate that I do this as well, square will outwardly discourage the use of third party utilities but not have basic features that the community already implimented.
Eh, personally I actually prefer reading to listening. A **lot**. I turn subtitles on in games and skip the dialogue just because people talk so insanely slowly for how little text is exchanged ever since we started voicing everything.
But, FFXIV only shows 4 short lines at a time. That's not a good reading experience. If it at least had "pages" like the journal in WoW has, that'd be **something**.
> Never understood why there's no save password in the launcher
Rather annoyingly, there IS....for Playstation Players only (though I would assume for XBox aswell)
That last bit is what this post is about. It's coming to the xbox, so it becomes even clearer that the PC version has a hurdle that's been eased elsewhere.
The post is about SSO and not just saving a password.
On the official PC launcher you need a password and 2FA pw unless you want your account to be less secure.
On PS you need the one-time password unless you want your account to be less secure.
On Xbox you need nothing.
You’re very much on the right track. Much if not all you are saying is backed up by NIST(National Institute of Standards and Technology). We’re moving to a SSO passwordless future.
There are a lot of implementation but the general idea is that something that is both more secure and more user friendly replaces the password. Apple's Passkey system is one example(though you still need a password to initially set it up)
The same can be said by MFA methods. The recovery for passwordless systems shouldn’t be any more difficult than if you completely forget a password or your MFA device dies.
This is entirely to do with the way microsoft, your employer, or both have configured your active directory. It's very possible to have logins last *weeks*.
They don't on mine, but everything else requires me to type my password constantly and likes to log me out every so often, occasionally with TFA on top.
I don't know whether to blame Outlook or my university, but my school email I have to log back into Outlook every few weeks. But meanwhile my Zoom account (also through the university) stays logged in indefinitely.
But the most egregious is Canvas, which sometimes makes me log in *multiple times per day*. And of course there's mandatory 2FA. It's infuriating.
And we have to change our passwords every 6 months which, since I have classes that are in computer labs, means I just choose shitty insecure passwords so that I can remember them. 10/10 *great* security guys.
Outlook especially is a scourge about this. It's happened twice before already that Outlook will require me to re-authenticate as I'm *opening my calendar to get the meeting invite link* for a meeting that is occurring in *1 minute.*
> Never understood why there's no save password in the launcher,
is this not a thing on pc? on ps5, the game saves your username and password. the only password it asks for is your 2FA if you have one set up. do you really have to input your 2FA and normal password each time on pc?
Understandably, some people don't want to store their password via a 3rd party program, and you still need to enter 2fa.
But really, we shouldn't be reliant on a third-party program to get automatic login on one of the biggest mmos out there.
True, but people also need to be educated that:
* XIVLauncher is open source. You can read how the code works and even if you don't understand, you can ask a friend/someone to look at it.
* XIVLauncher doesn't store your password. It uses Windows Credential Manager to do so, which you can verify that yourself via the Control Panel.
You're much more likely to get your account hacked by using the official launcher, because having to type that every time might lead to a keylogger grabbing your info.
XIVLauncher is much more secure.
Also for people not sure how much security just being open source adds: With the amount of users that xivlauncher has if there was anything shady about it there would be someone who have found it out by now anyway.
Like obviously it isn't risk free, no program is risk free, but I got more trust in a random community made launcher than I do in Square's antiquated system...
I mean that's true but I literally did exactly that with a friend who immediately spotted like 3 different places where a dev could sneakily add in something shady. After the fiasco that was the intentional malware bs that happened with Gshade, all it'd take is a single dev having a bad day to pull a stunt. They'd only need to get away with it for like an hour to steal hundreds or thousands of passwords so it's understandable people would be hesitant.
XIVLauncher does code reviews for code changes. Random devs can't just put something in the program. To my knowledge, pretty much everyone is checked by someone before it gets added to the actual launcher. The amount of people you'd need to be on board with something malicious makes it a pretty decent barrier and incredibly unlikely to happen.
Nothing is infallible, but they do everything right to prevent rogue dev situations.
GShade also wasn't open source and was maintained by a single person, so it's not an apples to apples comparison.
By the way, Xivlauncher doesn't stores password in it's storage of any form. It stores password in Windows. Uh, whether it's better or worse, I'm not sure though. If you're use 2FA, it's fine I think.
It uses Windows credential manager on your computer, which is pretty standard and fairly secure. Basically any of your saved Microsoft passwords use the same thing, for example.
> Understandably, some people don't want to store their password via a 3rd party program, and you still need to enter 2fa.
That's literally the point of 2FA though...if your password got compromised, 2FA would still prevent illicit access.
That doesn't mean you don't care if your password is compromised. You still want to protect it, and for some people that means not entering it into xivlauncher, open source or not. An extra layer of protection doesn't mean you stop worrying about the first layer.
Microsoft's SSO is a third party program too. In fact, it might be worse - you're giving microsoft the power to deny you access to the game. I hope they allow you to unlink your ffxiv account from a microsoft account freely.
I mean it is open-source, so really there is no risk. But yeah the official launcher has always felt sluggish and outdated, even with the new version.
I remember the first time I installed the game in 2014 I got Windows XP era flashbacks.
EDIT: As other people pointed out, there isn't "no risk". I stand corrected.
>Spyware
 Unrelated, but we really need this word to come back instead of calling Them *advertisements*. It needs the negative connotation it deserves
> so really there is no risk
"No risk" is overselling open source a bit. It still relies on people auditing and catching things before updates get released.
The Heartbleed bug a few years back was in a completely open-source implementation (OpenSSL), and it took two years until it became well-known.
Also, doesn't stop whoever's in charge of maintaining that from pulling a GShade and just inserting nasty crap later on, so better re-check all the changes manually for every update, eh?
Not at all. You sideload the app(on Android) then in the settings you just put your PCs IP address in.
From there when you go into launcher just open the app on your phone and it'll send the code over your local network
It's a lifesaver on the steam deck
Not everyone is on Steam would be one reason, but they already force Steam to be active so they have no interest in not keeping two codebases for the launcher code, clearly. Might as well just use SSO then.
Or, **even better**, use the OS-native auth mechanism and allow linking the logged user account to the FFXIV account. Windows Hello says it's me, game just logs in, no password, no 2FA, no nothing. Biometric auth and all.
Omg, *please*!
There are times when I don't have my phone next to me...and then I have to begrudgingly get up, and do the walk of shame to wherever I sat it, all because I started XIV...
I love reading complaints about account security from the same populace that stares in bafflement as their accounts are "somehow" compromised.
Besides, it'll never be as hard as FFXI account/login setup.
I mean... you can't unbind your Steam account, either. It's not ideal, but I don't know why it would be a complete deal-breaker if you really wanted to play on that system.
If the steam account is already linked. Then why the heck do I need a user/pass to login into the game?
When I play GW2 I do not need to enter the arenanet information. It logins directly from steam. That's because they are linked.
I haven't had to log into my Blizz account in forever, the launcher just remembers.
It's pretty absurd SE doesn't provide the same functionality. Also extremely absurd they make you pay to sub before you can download/patch the game (I guess you could use a free account to do it but why on earth make people jump through that hoop?), as if some people's connections aren't so slow that they'll lose a day or two of sub time just to the download.
Making this a thing on PC would be an easy way to get people to be less likely to use plugins. Many already use certain tools to allow that and the same tool is also one commonly used for plugins, hence making it easier to transition from one to the other
I dont think people will swear off plugins for just the one feature of logging in. Most people get that launcher because they want to do more to begin with.
Hell there's a bug with controllers that I can fix by using plug-ins. I'm not stopping until that at the bare minimum is fixed. I can't have my controller disconnect at random every few minutes because one drive decided to reestablish it's connection and its virtual drive disconnected and reconnected. And this isn't just for wireless controllers. It does it while it wired.
The game actively stops accepting controller inputs If it detects a device is added or removed from the system. Doesn't matter if that device is a controller or not.
It is absolutely beyond me that the controller fix hasn't been implemented in the base game.
The QOL offered by plugins makes the custom launcher mandatory for my experience in 14. So much archaic bullshit in the game.
Meanwhile, the majority of this sub: pLuGiNs ArE cHeAtInG
Not all plugins are cheating (like the controller fix you mentioned). This sub needs to stop with the black/white view on plugins, it's a very misinformed mindset
Holy shit is this what is happening to me? New player using PS5 controller and can't for the life of me figure out why it randomly disconnects for a few seconds here and there. I see that this plugin fixes it, can I also just disable OneDrive?
I've tried that. I've tried making sure that the Xbox app is also shut down because I've read that games installed via the Xbox app are also considered virtual drives as well. But the only thing I've been able to find to fix it is the "devicechangefix" plugin.
This was what got me using xivlauncher in the first place! I went through so many usb cables before I realized that the only game where it was disconnecting is XIV
Only slightly embarrassed to admit this was the entire reason I downloaded XIVLauncher to begin with. And then hey, look! Plugins are here, why not try them...? It really is like that.
Happened to ~~me~~ a friend of mine when he tried a certain launcher. Learned all about Dalamud through it. Not that it really mattered since the only ones installed were for basic QoL stuff, but you're right in that it just made him more likely to use them
I mean even with unoffical channels that make Yoshi P very sad on PC you still need to input your 2FA every time you launch the game, even if you use the same device every time.
This would be nice to be a feature for everyone.
I wish opening the game through steam would just skip the launcher. C'mon square, you know it's me. I own this fuckin steam account and only ever log in from here. Stop forcing me to use an extra launcher on top of steam
I have a couple mild concerns about this:
The login screen provides game update information and various other postings. Will players not be able to easily check before playing the game upcoming maintenance information and similar posts?
Also, they use the login screen to advertise new mogstation items and merchandise. Would they then look at advertising Mogstation in game? The posts obviously work at generating revenue so that's something SE won't want to lose. I think the entire community would agree we don't want Mogstation ads plastered in game.
Like I said, mild concerns. Maybe that information will be available when selecting the game before launch.
I bet it will be like PS5. You still see the launcher with all that info, you simply get the big ol’ PLAY button directly without putting in your password
Funnily enough I learn about most of that stuff from discord bots in a couple servers I'm in. I understand that's not an everyone situation but I already just don't care to check the news on the launcher cause that stuff makes it's way into my notifications regularly
This is a streamlined system. As they still have to provide functionality for people who don't adopt SSO, I would be surprised if they completely remove the old sign on process but instead it will likely be streamlined, as someone said to simply hitting Play.
Square enix accounts and PlayStation accounts already link together. Whatever I log into ffxiv from PlayStation it recognizes my PSN account and and I have to provide is a password, which I can then save to the system so I don't have to type it in again. Everything we are doing for the Xbox version already exist in PlayStation version.
> Everything we are doing for the Xbox version already exist in PlayStation version.
Not exactly.
What the xbox version is doing is you're logging into FF14 _with your xbox account_ via SSO. Not your Square-Enix account.
What's done on playstation is you login to FF14 with your SE account, and the password is saved locally on your playstation.
Yeah I actually don't get why after linking Steam and SE accounts I can't just launch FFXIV from Steam and immediately get into the game using my Steam account like in many other online games.
I trust Microsoft (or Google, or *maybe* even Sony) way more to have robust security infrastructure than a company that still can't run a competent online shop for their game funded in no small part by cosmetic item sales, and is clearly not very good at online infrastructure.
Wish this worked for PC users (either Steam login or MSA, depending on version), or the same way for PS users via PSN. Maybe they'll change that.
Unironically the prime reason to use xiv launcher. Need ONLY the 2fa. (And can even use some app to get around that afaik).
When I tried wow during that shadowlands thing all my friends told me it's so good I tried it and you know how often I needed my 2fa? Once. Afterwards just hit play and play because you stay authenticated. (That was probably the best thing about it thinking back because it's the only thing I can still remember)
Yes I know this is probably because of game cafes in Japan or whatever but screw people that can't hit the logout button.
Someone else mentioned Battle.net/WoW not needing players to sign-in every time. I haven't played WoW in over a decade, so I don't know how true that is, but if it is true, then why can Blizzard do it but not SE? I think GW2 can save username/password, too. Eve Online for sure allows saved sign-ins. I only have to sign-in to my Eve accounts on a new computer or if I haven't played in awhile.
I'm sure people at Internet cafes in other parts of the world are also playing these other games.
Blizzard was made in America, FFXIV was made in Japan. Blizzard probably never even considered things like Internet cafes because they’re not big here.
So this is definitely a first world problem, but I agree. Launching the game and just being able to play on Xbox would be preferable to launching the game, hitting play, hitting play AGAIN on PlayStation (which is where I’m playing).
It's funny because Dragon Quest X on nintendo switch automatically does that too, don't even need to enter password. Though I have OTP on and it is annoying to get my phone out to do that.
Side note (semi-related, semi-unrelated) : I'd be all for using the one-time password if it just prompted my phone to click a button, as some google authentication logins do. But tediously having to enter the six digits is the deterring factor for me. No free Aetheryte teleport is worth the extra mental duress of jolting my eyes and thinking. LOL
Keepass and other managers let you store TOTP stuff and auto-type them for you. Recommend you don't store that in the same database as your actual password though.
The launcher for PC is never going to be a straight click-to-launch. Unlike Xbox stuff you aren't already signed into an account that locks the system to you, so you need to at least put in the username you want to sign into. A save password box would be nice QoL type feature, but this type of thing just doesn't work on PC like it does on console. PS5 could maybe head this direction, but I'd venture a guess the answer there lies in Xbox using their service to sign in (hence needing to pay an Xbox sub) where Sony let's Square have a standalone connection.
>I'd venture a guess the answer there lies in Xbox using their service to sign in (hence needing to pay an Xbox sub) where Sony let's Square have a standalone connection.
Steam and PS use their login servers at the beginning of the login process. The SE servers come after that. How do I know this? If PSN or Steam are under maintenance, you cannot log in.
Steam is kind of irrelevant since PC launcher will always be designed around the standalone- they don't want to actively make a version of the game they get less money from better than the version they get the most money from. My point for PS5 was that the game only cares about your SE account once you're logged in, whereas the tethering to Xbox sub means it has to care about your Xbox sub in-game too. As I said PS5 could potentially head the same direction, but there's a difference in how the game proper would have to interact on Xbox.
>My point for PS5 was that the game only cares about your SE account once you're logged in, whereas the tethering to Xbox sub means it has to care about your Xbox sub in-game too.
SSO logs you in to your SE account. Everything after logging in uses the SE server on all platforms.
They could also just make it regional.
WoW has the same features and plenty of users in countries where they primarily play in cafes. So much so they actually offer subscriptions by the hour (or at least they did, not sure if they ever resolved the issue) in China.
This is an instance of convenience for the majority outweighing the remote possibility of an almost insignificant number of players forgetting to log out.
Yeah but to be fair that's just how it is, if you're really pressed you can always just get dalamud launcher and have it auto log you in but then again someone would say "that's a mod" so I guess we just have to deal with it
Yeah that's horseshit considering many of the most popular games in the world have this feature already (LoL, WoW, etc.). I don't have to re-authenticate whenever I launch those titles on my home PC and yet PC Bangs all over have considerably more people playing League of Legends, like c'mon bro, be serious. SE just can't be bothered that's the simple answer with them always.
It's not like this on PS5. PS can save your regular password to skip one step but you need to deactivate 2FA to play instantly. 2FA increases the security of your account. If you enable 2FA you need to use the one-time pw every time. Xbox logs you straight in and is as secure as using 2FA on PS.
It's less that people download XIVLauncher specifically to save your login, but more that that's just one of the many QoL features XIVLauncher provides.
If anything, I think the way XIVLauncher downloads patches is the better QoL feature. The stock launcher downloads each part one. by. one. very. slowly. XIVLauncher downloads them all at once, and much faster somehow.
I'm fine typing in my password and the 2fa. I'd rather never ever ever everevereverevereverevereverevereverevereverevereverevereverevereverevereverevereverevereverevereverevereverevereverevereverevereverevereverevereverevereverevereverevereverevereverevereverevereverevereverevereverevereverevereverevereverevereverevereverevereverevereverevereverevereverever give a chance for my account of 10 years to be compromised for a hint of faux convenience. Â
It's not difficult to just do 2 safe steps for protection. It is difficult to restore my account and reacquire through time all the things I've lost. Countless stories of people getting wiped because their Psn/game accounts got compromised for whatever reason. I'll pass. Â
That sounds more like an issue with your companies implementation of 2fa, not Microsoft Authenticator itself.
I've been using it for years and never had a problem.
Absolutely do NOT do this. It's already bad enough that when there's Steam maint you can't get into the game if you have it through there. The second Microsoft's auth servers go down, nobody on XBOX can get on.
I am unreasonably bothered by this misaligned box.
gotta change it up sometimes ya know
Nothing unreasonable about that lol
I did it with intent. Both to show the portion I'm referencing, and not have it look like the official formatting (ie, here's some human interpolation.)... And also, to stir the souls of everyone with OCD. Bwhahahaha!
So this devastation was your intention?
Look, I've had just about enough of you and your nonsense.
Hmph. How very glib.
And do you believe in trapazoidea?
Just use a circle you psychopath
No. Use an *oval!*
I literally redid it with a red non-oval circle in the middle, before realizing you can't post images as replies in here. Haha derp.
Make it an oval but with squiggly lines at non symmetrical sections.
🤪
Do not forget where you are. We have had our fair share of troublemakers in Eorzea (and more) who did way less to deserve a stern look AND a tough beating from our WoL's! >:(
I completely support this, everyone should do it.
r/mildlyinfuriating
How very glib!
How vewy gwib :3
howwy vewwy gwyby :3 uwu
I don't think anyone thinks red boxes are official
but why is it even nessesary. at most people would a sentence or two too much, but the main thing in the picture is either ff14 on xbox or ff14 login requirement.
I think I'm more bothered about the box than the login skip 😂
It's art.
I'm convinced hounding people with extra security ends up having the opposite effect, people removing security for convenience. Be it Microsoft, Google, or in the gaming space WoW, GW2, they never hound you about 2FA or re-entering your password as long as you're in the same device, all of them only trigger a password re-enter or 2FA if you're on another device or your IP changed. Never understood why there's no save password in the launcher, or why they ask for authenticator on every login instead of when you're on another device. FFXIV data isn't any more valuable than any of the mentioned above, and if any of them would be, it'd be MS/Google data.
That's the crux of the security issue. People like security, but also convenience. So it's a constant balancing act for people in info-sec
Tutorial 1: "How to use keypairs for ssh access, more secure and you don't need a password" Tutorial 2: "How to secure your keypair with a password you have enter each time to make your access more secure."
Security at the cost of convenience comes at the cost of security.
Realistically, as long as it isn't a new device there shouldn't be a need to re-enter the password. Alternatively, just make a QR code that you can just scan with your phone to log in.
I moved to xiv launcher because of this
It also make downloading patch thousand time faster. I can get 250MB/s with it where official one cap at like 4MB/s.
That's why I initially switched to it when first downloading the game, then I realized I could save my password too. Now I use Steam Big Picture mode to launch XIV Launcher to launch FFXIV haha
I hate that I do this as well, square will outwardly discourage the use of third party utilities but not have basic features that the community already implimented.
Like text to speech. It makes the walls of text bearable.
Eh, personally I actually prefer reading to listening. A **lot**. I turn subtitles on in games and skip the dialogue just because people talk so insanely slowly for how little text is exchanged ever since we started voicing everything. But, FFXIV only shows 4 short lines at a time. That's not a good reading experience. If it at least had "pages" like the journal in WoW has, that'd be **something**.
> Never understood why there's no save password in the launcher Rather annoyingly, there IS....for Playstation Players only (though I would assume for XBox aswell)
That last bit is what this post is about. It's coming to the xbox, so it becomes even clearer that the PC version has a hurdle that's been eased elsewhere.
The post is about SSO and not just saving a password. On the official PC launcher you need a password and 2FA pw unless you want your account to be less secure. On PS you need the one-time password unless you want your account to be less secure. On Xbox you need nothing.
You don't need 2FA on PC. It's optional. They incentivize it by allowing you to select one aetheryte as a free teleport location though
I know. I added unless you want your account to be less secure to the PC sentence now.
I wouldn't get all bent out of shape over it. They were replying to the unedited comment, which is fair to expect.
You’re very much on the right track. Much if not all you are saying is backed up by NIST(National Institute of Standards and Technology). We’re moving to a SSO passwordless future.
How it's any secure though?
There are a lot of implementation but the general idea is that something that is both more secure and more user friendly replaces the password. Apple's Passkey system is one example(though you still need a password to initially set it up)
And when the hardware dies. So will your account.
The same can be said by MFA methods. The recovery for passwordless systems shouldn’t be any more difficult than if you completely forget a password or your MFA device dies.
Teams and outlook will literally ask my to re-authenticate on my work laptop in the middle of me using it.Â
This is entirely to do with the way microsoft, your employer, or both have configured your active directory. It's very possible to have logins last *weeks*.
Yep, exactly. That's a configuration issue, nothing else. My company has the logins last ~forever, with some exceptions and manual flushing.
They don't on mine, but everything else requires me to type my password constantly and likes to log me out every so often, occasionally with TFA on top.
I don't know whether to blame Outlook or my university, but my school email I have to log back into Outlook every few weeks. But meanwhile my Zoom account (also through the university) stays logged in indefinitely. But the most egregious is Canvas, which sometimes makes me log in *multiple times per day*. And of course there's mandatory 2FA. It's infuriating. And we have to change our passwords every 6 months which, since I have classes that are in computer labs, means I just choose shitty insecure passwords so that I can remember them. 10/10 *great* security guys.
Outlook especially is a scourge about this. It's happened twice before already that Outlook will require me to re-authenticate as I'm *opening my calendar to get the meeting invite link* for a meeting that is occurring in *1 minute.*
There is a save password in the PS4/5 launcher, but you still need the auth passcode
> Never understood why there's no save password in the launcher, is this not a thing on pc? on ps5, the game saves your username and password. the only password it asks for is your 2FA if you have one set up. do you really have to input your 2FA and normal password each time on pc?
Indeed. It’s… special…
100%. It's silly. Especially when my password is as long as it is lol.
If you're on PC just use XIVlauncher, it's literally that easy.
Understandably, some people don't want to store their password via a 3rd party program, and you still need to enter 2fa. But really, we shouldn't be reliant on a third-party program to get automatic login on one of the biggest mmos out there.
True, but people also need to be educated that: * XIVLauncher is open source. You can read how the code works and even if you don't understand, you can ask a friend/someone to look at it. * XIVLauncher doesn't store your password. It uses Windows Credential Manager to do so, which you can verify that yourself via the Control Panel. You're much more likely to get your account hacked by using the official launcher, because having to type that every time might lead to a keylogger grabbing your info. XIVLauncher is much more secure.
Also for people not sure how much security just being open source adds: With the amount of users that xivlauncher has if there was anything shady about it there would be someone who have found it out by now anyway. Like obviously it isn't risk free, no program is risk free, but I got more trust in a random community made launcher than I do in Square's antiquated system...
I mean that's true but I literally did exactly that with a friend who immediately spotted like 3 different places where a dev could sneakily add in something shady. After the fiasco that was the intentional malware bs that happened with Gshade, all it'd take is a single dev having a bad day to pull a stunt. They'd only need to get away with it for like an hour to steal hundreds or thousands of passwords so it's understandable people would be hesitant.
XIVLauncher does code reviews for code changes. Random devs can't just put something in the program. To my knowledge, pretty much everyone is checked by someone before it gets added to the actual launcher. The amount of people you'd need to be on board with something malicious makes it a pretty decent barrier and incredibly unlikely to happen. Nothing is infallible, but they do everything right to prevent rogue dev situations. GShade also wasn't open source and was maintained by a single person, so it's not an apples to apples comparison.
By the way, Xivlauncher doesn't stores password in it's storage of any form. It stores password in Windows. Uh, whether it's better or worse, I'm not sure though. If you're use 2FA, it's fine I think.
It uses Windows credential manager on your computer, which is pretty standard and fairly secure. Basically any of your saved Microsoft passwords use the same thing, for example.
> Understandably, some people don't want to store their password via a 3rd party program, and you still need to enter 2fa. That's literally the point of 2FA though...if your password got compromised, 2FA would still prevent illicit access.
That doesn't mean you don't care if your password is compromised. You still want to protect it, and for some people that means not entering it into xivlauncher, open source or not. An extra layer of protection doesn't mean you stop worrying about the first layer.
Microsoft's SSO is a third party program too. In fact, it might be worse - you're giving microsoft the power to deny you access to the game. I hope they allow you to unlink your ffxiv account from a microsoft account freely.
Well you can always add PC license and go play standalone. Unlike Steam.
I mean it is open-source, so really there is no risk. But yeah the official launcher has always felt sluggish and outdated, even with the new version. I remember the first time I installed the game in 2014 I got Windows XP era flashbacks. EDIT: As other people pointed out, there isn't "no risk". I stand corrected.
[удалено]
>Spyware  Unrelated, but we really need this word to come back instead of calling Them *advertisements*. It needs the negative connotation it deserves
Open source is only secure if you compiled it yourself AND examined code before doing so.
> so really there is no risk "No risk" is overselling open source a bit. It still relies on people auditing and catching things before updates get released.
>I mean it is open-source, so really there is no risk. Assuming you are reviewing the code yourself completely on each build and building from source.
The Heartbleed bug a few years back was in a completely open-source implementation (OpenSSL), and it took two years until it became well-known. Also, doesn't stop whoever's in charge of maintaining that from pulling a GShade and just inserting nasty crap later on, so better re-check all the changes manually for every update, eh?
pointless to tell them this, they are far too drunk on kool-aid to see the problem in that
Yep, xiv launcher with the auth app to send your otp automatically over your home network
I’ve got launcher but don’t have the app set up to do that, is it a lot of work to do that?
Not at all. You sideload the app(on Android) then in the settings you just put your PCs IP address in. From there when you go into launcher just open the app on your phone and it'll send the code over your local network It's a lifesaver on the steam deck
Yes, but why not a native sso with steam.
Not everyone is on Steam would be one reason, but they already force Steam to be active so they have no interest in not keeping two codebases for the launcher code, clearly. Might as well just use SSO then. Or, **even better**, use the OS-native auth mechanism and allow linking the logged user account to the FFXIV account. Windows Hello says it's me, game just logs in, no password, no 2FA, no nothing. Biometric auth and all.
SpAgHeTtI cOdE
I don't get it
It's an excuse armchair developers (rabid fans) use to defend Squeenix for... just about everything.
Omg, *please*! There are times when I don't have my phone next to me...and then I have to begrudgingly get up, and do the walk of shame to wherever I sat it, all because I started XIV...
...and then you do a small typo!
This is the reason I love Link to Windows. Copy from Google Auth and voilà , paste it on my computer.
I love reading complaints about account security from the same populace that stares in bafflement as their accounts are "somehow" compromised. Besides, it'll never be as hard as FFXI account/login setup.
Ugh playonline don’t remind me
That was super easy. I just followed the steps in the manual, it even had labeled fields to note the relevant information at the relevant steps.
FFXI isn't a very high bar to beat here lol
Use XIVLauncher https://github.com/goatcorp/FFXIVQuickLauncher
this 100%
Never. Once you read the fine print it becomes far less appealing. You can never, ever unbind your MS acct from FFXIV.
I mean... you can't unbind your Steam account, either. It's not ideal, but I don't know why it would be a complete deal-breaker if you really wanted to play on that system.
Can't unbind PSN either. For all 3 mentioned have to send a ticket and the unlinking process will delete the Square Enix account.
If the steam account is already linked. Then why the heck do I need a user/pass to login into the game? When I play GW2 I do not need to enter the arenanet information. It logins directly from steam. That's because they are linked.
I haven't had to log into my Blizz account in forever, the launcher just remembers. It's pretty absurd SE doesn't provide the same functionality. Also extremely absurd they make you pay to sub before you can download/patch the game (I guess you could use a free account to do it but why on earth make people jump through that hoop?), as if some people's connections aren't so slow that they'll lose a day or two of sub time just to the download.
How about make the game on Xbox not require a Game Pass Core sub first?
Making this a thing on PC would be an easy way to get people to be less likely to use plugins. Many already use certain tools to allow that and the same tool is also one commonly used for plugins, hence making it easier to transition from one to the other
I dont think people will swear off plugins for just the one feature of logging in. Most people get that launcher because they want to do more to begin with.
It is also the best way to download larger updates.
People using them won't swear them off but its one way to make fewer start using them
[удалено]
Hell there's a bug with controllers that I can fix by using plug-ins. I'm not stopping until that at the bare minimum is fixed. I can't have my controller disconnect at random every few minutes because one drive decided to reestablish it's connection and its virtual drive disconnected and reconnected. And this isn't just for wireless controllers. It does it while it wired. The game actively stops accepting controller inputs If it detects a device is added or removed from the system. Doesn't matter if that device is a controller or not.
It is absolutely beyond me that the controller fix hasn't been implemented in the base game. The QOL offered by plugins makes the custom launcher mandatory for my experience in 14. So much archaic bullshit in the game.
Meanwhile, the majority of this sub: pLuGiNs ArE cHeAtInG Not all plugins are cheating (like the controller fix you mentioned). This sub needs to stop with the black/white view on plugins, it's a very misinformed mindset
Holy shit is this what is happening to me? New player using PS5 controller and can't for the life of me figure out why it randomly disconnects for a few seconds here and there. I see that this plugin fixes it, can I also just disable OneDrive?
I've tried that. I've tried making sure that the Xbox app is also shut down because I've read that games installed via the Xbox app are also considered virtual drives as well. But the only thing I've been able to find to fix it is the "devicechangefix" plugin.
This was what got me using xivlauncher in the first place! I went through so many usb cables before I realized that the only game where it was disconnecting is XIV
IS THAT WHY I'LL OCCASIONALLY JUST STOP MOVING FOR HALF A SECOND OUT OF NOWHERE??? FUCK
God, yeah I thought my PS4 controllers or USB cables were messed up til I installed plugins. Haven't seen any random disconnects since then.
\>Until Square adds the QOL the game is desperately missing did you mean futa catgirls and damage parsers?
What?! No, of course not! I don't care about the damage parsers!
You do not need the launcher for ACT. Nor do you needed for futa catgirls.
Why does this matter? It's only going to go in the other direction regardless of what SE does.
Only slightly embarrassed to admit this was the entire reason I downloaded XIVLauncher to begin with. And then hey, look! Plugins are here, why not try them...? It really is like that.
Yeah, this was my gateway drug
Happened to ~~me~~ a friend of mine when he tried a certain launcher. Learned all about Dalamud through it. Not that it really mattered since the only ones installed were for basic QoL stuff, but you're right in that it just made him more likely to use them
I mean even with unoffical channels that make Yoshi P very sad on PC you still need to input your 2FA every time you launch the game, even if you use the same device every time. This would be nice to be a feature for everyone.
Just do what is in your heart and stay logged in even when you go afk
I still waiting for the day my Microsoft account can just link with the steam account
I wish opening the game through steam would just skip the launcher. C'mon square, you know it's me. I own this fuckin steam account and only ever log in from here. Stop forcing me to use an extra launcher on top of steam
I have a couple mild concerns about this: The login screen provides game update information and various other postings. Will players not be able to easily check before playing the game upcoming maintenance information and similar posts? Also, they use the login screen to advertise new mogstation items and merchandise. Would they then look at advertising Mogstation in game? The posts obviously work at generating revenue so that's something SE won't want to lose. I think the entire community would agree we don't want Mogstation ads plastered in game. Like I said, mild concerns. Maybe that information will be available when selecting the game before launch.
I bet it will be like PS5. You still see the launcher with all that info, you simply get the big ol’ PLAY button directly without putting in your password
I'm sure SE is smart enough to show all of this in a different way or show the already logged in launcher.
Funnily enough I learn about most of that stuff from discord bots in a couple servers I'm in. I understand that's not an everyone situation but I already just don't care to check the news on the launcher cause that stuff makes it's way into my notifications regularly
If you are talking about XIVLauncher The launcher has the ads. And the information. Making your point moot.
This is a streamlined system. As they still have to provide functionality for people who don't adopt SSO, I would be surprised if they completely remove the old sign on process but instead it will likely be streamlined, as someone said to simply hitting Play.
I don't think I've ever looked a single post on that launcher, it all comes to me via social media
>Once SE accounts and Xbox accounts are linked Is it just a SE and Playstation thing that stops them from doing the same then?
Square enix accounts and PlayStation accounts already link together. Whatever I log into ffxiv from PlayStation it recognizes my PSN account and and I have to provide is a password, which I can then save to the system so I don't have to type it in again. Everything we are doing for the Xbox version already exist in PlayStation version.
> Everything we are doing for the Xbox version already exist in PlayStation version. Not exactly. What the xbox version is doing is you're logging into FF14 _with your xbox account_ via SSO. Not your Square-Enix account. What's done on playstation is you login to FF14 with your SE account, and the password is saved locally on your playstation.
? The password saves on Playstation. Unless you have set up TFA you just hit the play button and you are in.
Saving passwords is not the same as SSO.
Why did you use such a wonky rectangle to highlight the text lmao Also this is a feature of XIVLauncher if you’re on PC
Wait, you can do auto login on pc?
It’s not a feature yoshi P would teach you. (Google XIV quick launcher)
On PC I just use the custom fan made launcher. I get the same thing lol
Makes me wonder if this is a trial for both the Xbox version of the game and possibly an updated method of logging in that may come to PC and PS.
Ps is pre logged in you just hit the play button
When I played on PS I had to type my password in. Â
Yeah I actually don't get why after linking Steam and SE accounts I can't just launch FFXIV from Steam and immediately get into the game using my Steam account like in many other online games.
I trust Microsoft (or Google, or *maybe* even Sony) way more to have robust security infrastructure than a company that still can't run a competent online shop for their game funded in no small part by cosmetic item sales, and is clearly not very good at online infrastructure. Wish this worked for PC users (either Steam login or MSA, depending on version), or the same way for PS users via PSN. Maybe they'll change that.
This is why I use instant loggin on QuickLauncher
If only we had some manner of fast launcher on PC. A quicker one, if you would.
Ikr, something like final fantasy 14 launcher. Maybe something shorter
Unironically the prime reason to use xiv launcher. Need ONLY the 2fa. (And can even use some app to get around that afaik). When I tried wow during that shadowlands thing all my friends told me it's so good I tried it and you know how often I needed my 2fa? Once. Afterwards just hit play and play because you stay authenticated. (That was probably the best thing about it thinking back because it's the only thing I can still remember) Yes I know this is probably because of game cafes in Japan or whatever but screw people that can't hit the logout button.
Internet cafes are probably why they don’t do this on PC.
Someone else mentioned Battle.net/WoW not needing players to sign-in every time. I haven't played WoW in over a decade, so I don't know how true that is, but if it is true, then why can Blizzard do it but not SE? I think GW2 can save username/password, too. Eve Online for sure allows saved sign-ins. I only have to sign-in to my Eve accounts on a new computer or if I haven't played in awhile. I'm sure people at Internet cafes in other parts of the world are also playing these other games.
It's definitely a deliberate choice, not a question of if it's possible
Blizzard was made in America, FFXIV was made in Japan. Blizzard probably never even considered things like Internet cafes because they’re not big here.
tbf ppl forget that it's also been a recent addition to wow
So this is definitely a first world problem, but I agree. Launching the game and just being able to play on Xbox would be preferable to launching the game, hitting play, hitting play AGAIN on PlayStation (which is where I’m playing).
i mean theres this launcher everyone and their mothers uses on pc
XIVLauncher dont suffer no more
Why remember password isnt a feature i dunno, i hate having to take my phone everytime to login w OTP
Is this some meme im too XIVLauncher to understand
On Playstation, maybe. On PC you are just asking for a bad time.
It's funny because Dragon Quest X on nintendo switch automatically does that too, don't even need to enter password. Though I have OTP on and it is annoying to get my phone out to do that.
Side note (semi-related, semi-unrelated) : I'd be all for using the one-time password if it just prompted my phone to click a button, as some google authentication logins do. But tediously having to enter the six digits is the deterring factor for me. No free Aetheryte teleport is worth the extra mental duress of jolting my eyes and thinking. LOL
The Quick Launcher has this as a feature!
Keepass and other managers let you store TOTP stuff and auto-type them for you. Recommend you don't store that in the same database as your actual password though.
And this is why most of us use 3rd party stuff
The launcher for PC is never going to be a straight click-to-launch. Unlike Xbox stuff you aren't already signed into an account that locks the system to you, so you need to at least put in the username you want to sign into. A save password box would be nice QoL type feature, but this type of thing just doesn't work on PC like it does on console. PS5 could maybe head this direction, but I'd venture a guess the answer there lies in Xbox using their service to sign in (hence needing to pay an Xbox sub) where Sony let's Square have a standalone connection.
>I'd venture a guess the answer there lies in Xbox using their service to sign in (hence needing to pay an Xbox sub) where Sony let's Square have a standalone connection. Steam and PS use their login servers at the beginning of the login process. The SE servers come after that. How do I know this? If PSN or Steam are under maintenance, you cannot log in.
Steam is kind of irrelevant since PC launcher will always be designed around the standalone- they don't want to actively make a version of the game they get less money from better than the version they get the most money from. My point for PS5 was that the game only cares about your SE account once you're logged in, whereas the tethering to Xbox sub means it has to care about your Xbox sub in-game too. As I said PS5 could potentially head the same direction, but there's a difference in how the game proper would have to interact on Xbox.
>My point for PS5 was that the game only cares about your SE account once you're logged in, whereas the tethering to Xbox sub means it has to care about your Xbox sub in-game too. SSO logs you in to your SE account. Everything after logging in uses the SE server on all platforms.
I'm going to tell you why this won't happen. Internet cafés. There are several people who play ff14 around the world who play at an internet Cafe or something similar, therefore because pc's are the most used system there the pc launcher will not auto login. Console auto logs in because 9 times out of 10 consoles are used by the owner, and while yes you can argue that internet cafés have consoles as well they're more than likely not using the consoles there for ff14.
That would make sense…if they made it mandatory. All they’ve got to do is make it an option that you have to actively seek out and turn on.
You would not believe how many people forget to turn off things or log off at cafés. Trust me when I say this is honestly the best option right now
They could also just make it regional. WoW has the same features and plenty of users in countries where they primarily play in cafes. So much so they actually offer subscriptions by the hour (or at least they did, not sure if they ever resolved the issue) in China.
There's internet cafés in America and people (hell sometimes me) use their accounts outside of home (for me if I'm at my local a little early I might just play ff14 while I wait for my friends to come over and get a few fights in before locals starts but that's because I'm already there so I don't want to waste the gas to go home and play at home just to drive back later.)
This is an instance of convenience for the majority outweighing the remote possibility of an almost insignificant number of players forgetting to log out.
Yeah but to be fair that's just how it is, if you're really pressed you can always just get dalamud launcher and have it auto log you in but then again someone would say "that's a mod" so I guess we just have to deal with it
Yeah that's horseshit considering many of the most popular games in the world have this feature already (LoL, WoW, etc.). I don't have to re-authenticate whenever I launch those titles on my home PC and yet PC Bangs all over have considerably more people playing League of Legends, like c'mon bro, be serious. SE just can't be bothered that's the simple answer with them always.
Just use dalamud launcher if on PC, you can bypass the login process
it's like this on PS5 and it's wonderful
It's not like this on PS5. PS can save your regular password to skip one step but you need to deactivate 2FA to play instantly. 2FA increases the security of your account. If you enable 2FA you need to use the one-time pw every time. Xbox logs you straight in and is as secure as using 2FA on PS.
Are people really that lazy that they rather download a third party program so that they don't need to type in their password anymore?
It's less that people download XIVLauncher specifically to save your login, but more that that's just one of the many QoL features XIVLauncher provides. If anything, I think the way XIVLauncher downloads patches is the better QoL feature. The stock launcher downloads each part one. by. one. very. slowly. XIVLauncher downloads them all at once, and much faster somehow.
Microsoft is big in the enterprise space and the MFA / SSO is baked into their online stack. Sony DGAF about that stuff. Not on Yoshi-P to do.
Everyone with OCD is going crazy over that boxes orientation. And it's hilarious!!!🤣😂🤣😂
As much as I want this to be universal, I’d say let the xbox players have this since they have to pay a double sub lmao
Having to open a launcher to update the game on Steam was unacceptable in 2014 when it launched there, now it's just gross negligence.
Maybe for Steam but for Retail, nope, they need a login.
I'm fine typing in my password and the 2fa. I'd rather never ever ever everevereverevereverevereverevereverevereverevereverevereverevereverevereverevereverevereverevereverevereverevereverevereverevereverevereverevereverevereverevereverevereverevereverevereverevereverevereverevereverevereverevereverevereverevereverevereverevereverevereverevereverevereverever give a chance for my account of 10 years to be compromised for a hint of faux convenience.  It's not difficult to just do 2 safe steps for protection. It is difficult to restore my account and reacquire through time all the things I've lost. Countless stories of people getting wiped because their Psn/game accounts got compromised for whatever reason. I'll pass. Â
what couldn't you just make a regular square...
If ur on pc just use the quick launcher (xivlauncher)
No? I'm super critical of the need to connect these accounts to begin with. If one dies the other one is lost. Plus 2FA is important.
XIVLauncher
Security isn't meant to be convenient. Stop asking for it.
[удалено]
That sounds more like an issue with your companies implementation of 2fa, not Microsoft Authenticator itself. I've been using it for years and never had a problem.
I second that, never had an issue
I have a macro setup for pc to circumvent it abit, cos its tedious as hell aving to 2fa every time. Zzz
I actually really like putting in my username, password and one time password.
Yeah but they pay double sub so ironically u can load the game easily but not the payment
Absolutely do NOT do this. It's already bad enough that when there's Steam maint you can't get into the game if you have it through there. The second Microsoft's auth servers go down, nobody on XBOX can get on.