Welcome to the Forum Archive!

Years of conversation fill a ton of digital pages, and we've kept all of it accessible to browse or copy over. Whether you're looking for reveal articles for older champions, or the first time that Rammus rolled into an "OK" thread, or anything in between, you can find it here. When you're finished, check out the boards to join in the latest League of Legends discussions.


[Security] Riot Games Mobile Authenticator

Comment below rating threshold, click here to show it.

Hechter Liu



For you guys who play WoW, you guys should know that Blizzard has something called the Battle.net Mobile Authenticator, which gives you a 1 time randomly generated code that is required to log into your account (the website) and to log into their games. This app is downloadable for mobile devices and of course, an iPod touch.

I believe Riot should incorporate this security feature for League of Legends. Right now the only thing stopping people from hacking our accounts are our passwords; which can be changed without a secret question and answer, and you only require said password to change the email of the account too.

The app generates a randomized code required to access your account; and the code resets and changes every (aprox.) 10-15 seconds. This would prevent keyloggers from accessing your personal RP stash, as the authentication pass would have already been changed before they are able to find out about it.

This feature would be completely optional.

Your thoughts about this below?

Comment below rating threshold, click here to show it.




Totally agree and would pay $10 for one.

Comment below rating threshold, click here to show it.


Senior Member


2-factor authentication is getting very popular on a lot of systems now for good reason. Blizzard has been offering it for a while and gmail has been offering 2-factor authentication to its users for about a year or so. A huge number of companies use two-factor authentication for their remote users when logging into their work network from home or travel.

This is because passwords are inherently weak and easy to break (and challenge questions are no better).

While 2-factor authentication isn't perfect, it is head-and-shoulders above password-only systems.

I would absolutely be willing to pay for a 2-factor authentication app similar to the blizzard or google authenticators I have on my iphone. While accounts aren't paid for like Blizzard accounts, many people have a significant (to them, at least) amount of money tied up in their accounts via skins, champs, etc. It would be quite upsetting to me (and many others) if someone managed to get control of my LoL account.

I don't really ever hear much about security and LoL, but this would be a huge step to show people Riot do take security seriously (I'm not saying you don't, just that it is never really spoken about).

Comment below rating threshold, click here to show it.




I actually just got back ahold of my account from being hacked. First thing I set out to do was see if anybody else had suggested the addition of an authenticator to the game (after correcting my email address and resetting my password of course). I think it would greatly aid in the security of accounts.

I was actually pretty disappointed in how lax their security is on the accounts. No sorts of red flag measures set up. They're obviously able to check the IP addresses of various log in attempts. Allowing a user to simply log in and immediately change the email address of the account seems a bit underwhelming compared to some sites' security measures I've seen. I don't claim the Riot teams don't have anything else on their hands, but a bit of security improvement could go a long way.

They could add a requirement for you to validate an IP address with an email sent to you before you can change your password or email address. Or even just adding security questions would help to a certain degree.

I'm by no means blaming Riot for my getting hacked. I got my account back pretty quickly and easily with the help of Riot support. I just think that a bit could be done to boost the security of the games with little to no inconvenience to the players.

Comment below rating threshold, click here to show it.




The authenticater codes for WoW don't reset after 10-15 seconds... It will display the next one then, but the code lasts for about a minute.

Other than that, from what I've found Riot's security measures are some what lackluster, so this would be a much appreciated action.

For WoW my code allows me to play on my computer/IP address for one week before it asks again. Though many people use the code every time they log in.