Nintendo Accounts: Nintendo ups security with 2FA, Sign-in History, more
The Nintendo Network ID had quite a lot of restrictions: you could only link one Nintendo 3DS and one Wii U, and you could not simply log in with your account on a new console without doing a system transfer or contact Nintendo. But it’s a different matter with Nintendo Accounts…
Those are not only easily “transferrable” to a new Nintendo Switch, but they are also used on various other devices and services (such as Nintendo’s mobile games). As such, top-notch security is required to protect those accounts from hacking, phishing, and other nasty ways they can get stolen by unscrupulous individuals.
After all, a lot of things are tied to that account: save data of mobile games, Nintendo eShop purchases, etc.. And Nintendo has already warned users that some individuals have managed to get hold of Fire Emblem Heroes save data via Nintendo Accounts, so it’s certainly a good thing to see the company has seriously upped security pretty recently.
Here’s some of the changes made:
Select Sign-In Method Edit
This option allows you to change the sign-in method for your account. It gives you the choice between the following:
- Sign-In ID only (recommended)
- Email address or Sign-In ID
The reason the first option is recommended is because your email address is something someone else than you could get hold off. Meanwhile, your Sign-in ID is something only you is supposed to know, making it harder for someone to try and start hacking your account. That’s why it’s recommended to use a different Sign-In ID than your public nickname.
After all, if you play as ZeldaFan1527, and set your Sign-in ID to that, then it makes the feature completely useless (since it’s supposed to hide the ID you use to log-in).
Sign-In History
Next, the Sign-In History… pretty self-explanatory! It lists all the devices used to log-in to your Nintendo Account during the past 30 days (including your current device). That way, you can easily spot if your account ended up used on a device it wasn’t supposed to be used.
For example: you’re a Mac user living in Portland, Connecticut, and your account was used on a Windows device in South Africa at a time you were fast asleep… something’s definitely wrong there! With that feature, you can easily spot this kind of unauthorised access to your account, and eventually reset your password if something is wrong. You can also sign out on all other devices, if you want.
Directly linked to that feature is the email notification, which is sent when you log-in to a new device. You cannot disable that feature, for security reasons. If you get one such email, despite not logging in to a new device, it’s time to reset your password!
Two-Step Verification (or 2FA / Two-Factor Authentification)
The ultimate end-user security feature, that can protect your account even if someone manages to get hold of both your Sign-in ID and the password.
Here’s how it works:
When you sign in with your password, you will be prompted to enter a verification code. At the same time, a one-use verification code is sent to an authentication app on your smart device. Once you enter this code in the sign-in form, you can use your account as usual. Two-step verification makes it much harder for an unauthorised person to gain access to your account.
To activate it, simply click on the Edit button next to Two-Step Verification, then follow the instructions that appear on the screen. You first need to use the verification code sent to your Nintendo Account before you can proceed.
Nintendo has chosen to use Google Authentificator for 2FA with Nintendo Accounts, though it seems other apps work too (though the instructions are only for Google Authentificator). If you don’t have it on your phone, you can download it now:
Naturally, it’s highly recommended to activate Two-Step Verification, for maximum security. After all, the only way for someone to log-in to your account with that feature activated, even if they know your ID and password, would be to get hold of your phone.
It’s certainly interesting to see Nintendo did not wait until a major incident occured in order up the security on Nintendo Accounts, though it would certainly have been even better if those features had been there since launch! To edit your security settings, click here!
Thanks Bjoern the Smexy for the heads up!