After watching Markee's interview with Dupre yesterday and all of the talk about hacking I'd like to see one of the pieces of SWAG be a RSA like token that is used to log into the game. This can also be a revenue stream (albeit small) that non-Kickstarter players could purchase as well. Any sort of one-step verification is going to be the target of hackers especially when we're already saying a town level house is already $1,000 more valuable than a village house.
A custom branded SotA hard token would be nice, but I don't think I'd personally want (to carry) one. I'd prefer a soft token, perhaps even a custom SotA mobile app (like Battle.net Authenticator). There are also plenty of other third party software token providers that SotA could integrate with as well. I'd like to see multi-factor authentication implemented as well.
Certificates should suffice, IMHO. To obtain a certificate, a token/code could be sent to a mobile device and/or e-mail which would have to be verified.
Id personally like a phone generator. But feel there should be multipe code generator methods avilable.. Dongles.. Text verification, phone app.. So each can choose their own method that works best. Ive known people who had acts hacked and not only did they take stuff but destroyed stuff they couldnt. Like deleting chars.
All good ideas and I think the majority of the players would use the text/app verification. I'd still like to see the big backers (say maybe citizen and above ) get a token but this additional layer of verification could be disabled if carrying one around is not your preference and only want the text/app verification. If players joining after the kickstater want a token charge them enough to make it economical and not lose any money in the process.
I strongly believe the Physical Token generator is a great option for any MMO game. The software versions are good alternatives but I've run into so many issues with how they tie themselves to the phone and breaking during OS updates on that phone.
+1 on this. Soft and Hard tokens aren't mutually exclusive, so making hard tokens available isn't going to prevent them from having an iPhone/Android app
I agree with the idea of multi-factor authentication. As soon as you have online assets (deeds, currency, etc) they are going to be under attack. Either an app or a hardware token for online play account authentication. I'm not sure on the cost. This could be a limiting factor or something to pass on to the end user.