Since recent incident with inability to receive email verification codes, i want to suggest better account security options. Add ability to add all possible 2FA methods and make them work simultaneously.
Some of us use Email verification method ( therefore disabled SMS and Code-Generator-App method ) because it is more comfortable to receive email on your desktop and simply copypaste it into launcher. But it is not first time when email delivering service here gets down and players are unable to log in and play.
Suggestion here is simple:
- Ability to link all possible 2FA methods to account.
Steam has it, Battle-net has it. You can choose method for you verification codes during your log-in attempt. For whaever reasons Arena-net decided to have only one method at the time. If something happened with your cellphone with Code-generator Application, you won't be able to log-in until ticket has been reviewed to unlink your 2FA. If something will happen with email-delivery service, you won't be able to log-in. If something will happen with your SIM or you operator will block arena-net's SMS, you won't be able to log-in.
Update your Client's Launcher with checkboxes which will determine verification code delivery method on log-in. And give us ability to simultaneously use them all. If one method won't work, other two will be active and present. Also it will help to unlink non-functional 2FA without sending a ticket. Maybe it will be ok to disable Email verification after adding SMS verification for better security, but simultaneous use of SMS + Code-Generator-App is atmost important.
- Add ability to remember only one IP.
It is very common now for all ISP to provide their clients with static IP. Means same ip everyday only for you. Your current method authorize vast amount of IPs, giving a chance for hacker, even if it is very unlikely, to enter your account using just your password and proper IP. Since static IP only assigned to one client, it will be less risky to authorize it into arena-net account as trusted.