License account hacked?

noeqplease · October 6, 2022, 10:58am

NVM, I found it.

klfnk2020 · October 6, 2022, 11:33am

For the record, i was not trying to argue but learn
Thanks juergi for your insights, i appreciate the time you took to write it down.

Phil_Pendlebury · October 6, 2022, 11:36am

Thanks. Sorry, wasn’t referring directly to you there, although I realise it must have seemed that way.

Apologies.

Lots of folks are not getting the 2FA thing. Only last night I had to explain this to a group of friends. Show them how to set it up etc.

Anyway, all good. And glad you’re taking the step.

kenobi1 · October 6, 2022, 12:26pm

This made me check. I have 2 unknown authorisations on my account!

@Matthias_Quellmann please delete the other two authorisations. I have just enabled 2fa. I only ever registered N12 on one PC so far. That registered PC now has a short recognisable name, and its registered to Activation Manager as that name. The other two hexadecimal longer names I know nothing about. Please delete them.

Matthias_Quellmann · October 6, 2022, 1:13pm

@kenobi1 I have reset your activations.

Dietz · October 6, 2022, 2:55pm

That’s a little bug of the Activation app rather than a hack. I’ve seen this, too, but I’m using all three activations myself.

klfnk2020 · October 6, 2022, 6:03pm

@matthias_quellmann can you also reset mine? how would i give you my details?

Matthias_Quellmann · October 6, 2022, 6:05pm

@klfnk2020 done

Prim_69 · October 7, 2022, 11:52am

Hi all.

An interesting post that has encouraged me to want to activate the 2FA in my Steinberg account, but I am baffled as to how, exactly I am supposed to go about this.

I use my phone (P40 no Play Store) to log into my Steinberg account, navigate to Security\Login, turn on activate 2FA and then greeted with a QR code and\or a long security number that needs to be scanned\copy and pasted.

My questions are:

How do you scan the image using the same phone?
Where do you paste the alternative security number provided?
Would I need to follow the same procedure to log into my Steinberg account every time I wished to log in?

I have a QR Code app in my phone, but I am totally missing on this one.

I do have 2FA on certain online sites in my phone, but I receive texts’ for them and they were easy to set up following emailed links and registering my phones number.

If anyone could kindly chime in, some instructions would be appreciated.

Regards_Prim

JuergenP · October 7, 2022, 12:27pm

That’s going to be complicated. I guess you have rooted your phone and installed a different Android image, am I right?

Without the Play Store you won’t be able to download any of these authenticator apps (e.g. Google Authenticater, Microsoft Authenticator, etc.) but one of them is needed to generate the one-time codes to finalize a 2FA login.

The QR Code you see needs to be scanned by one of these apps and that creates some kind of link between the Authenticator and the login to the website. So standard QR Code scanners are not helpful, they are just scanners, not security apps

No, after joining the Authenticator App you will login to the Steinberg website as you do now, except it will present a second step and ask for a six digit number. This number is generated by the app and is valid usually for one minute.

However, it seems you want to do both, the login and the authorization, on the same device. This is typically a bad idea, as a 2FA is supposed to create security by using a different physical device for the second factor. It will work, because you can switch between apps, but real security is clearly a bit different.

noeqplease · October 7, 2022, 2:44pm

I used my computer to activate 2FA, and then used Googles Authenticator app on my phone. Not sure how often this logging in with 2FA needs to be done.

JuergenP · October 7, 2022, 2:49pm

You will need your second device every time you are going to login using your Steinberg ID.

JuergenP · October 7, 2022, 2:55pm

In another thread the below video was linked, explaining what it means to have the Steinberg ID secured by 2FA. The video is from Musictechtuition and explains in detail all kinds of things around passwords and 2FA. Nice video and definitely worth watching til the end.

Prim_69 · October 7, 2022, 3:24pm

Thanks a lot JuergenP. This is all the information I needed.

“it seems you want to do both, the login and the authorization, on the same device. This is typically a bad idea, as a 2FA is supposed to create security by using a different physical device for the second factor”

OK, I get this and it makes perfect sense. I was just thinking if I set it up on my phone, then any potential breach of my Steinberg account in the future, I would be notified via my phone for verification, like, if I tried to log in to my Steinberg account on my PC, I would then open the Authenticator on my phone to get the verification code. Can this way work?

Prim_69 · October 7, 2022, 3:32pm

Thanks for that noeqplease.

Prim_69 · October 7, 2022, 3:38pm

Thanks for this.

And thanks for Vid link JuergenP, I will defo give it look at for a more understanding of how all this works and thank you so much for taking your time to explain things to me

Much appreciation.

JuergenP · October 7, 2022, 6:17pm

Active notification is possible (Microsoft 356 logins do this by sending a code to your Authenticator), unfortunately the Steinberg 2FA is passive. It waits for you to generate the security code and to enter it, which is the used by most websites using 2FA.

Prim_69 · October 7, 2022, 6:21pm

Got it.