Tuesday, April 28th 2020

Epic Games Store will Require 2FA to Claim Free Games Next Month

Beginning today and ending on May 21, we will periodically require two-factor authentication prior to claiming free games on the Epic Games Store. We are making this change in an effort to encourage our players to take steps to strengthen their Epic account security. If you do not have two-factor authentication enabled on your account, you will see the following message when attempting to claim a free game:

"Two Factor Authentication Required, Claiming this free game requires you to have Two-Factor Authentication setup on your account. Two-Factor Authentication provides an additional level of security to your Epic Games account and will help prevent unauthorized access."
In order to enable two-factor authentication, please head over to your Epic Games Account settings. Two-factor authentication can be used to help protect your account from unauthorized access by requiring you to enter a security code when you sign in. You can read a full how-to guide on enabling two-factor authentication here.

We understand that this is a minor inconvenience for some, but we want to provide the best possible solutions to protect your Epic account.
Source: Epic Games
Add your own comment

16 Comments on Epic Games Store will Require 2FA to Claim Free Games Next Month

#1
windwhirl
Just got a notification about it after I finished a WWZ session. Setting up authenticator codes was a relatively quick and painless process.
Posted on Reply
#2
biffzinker
I setup 2FA back when there was reports of unauthorized logins or hacked accounts.
Posted on Reply
#3
lexluthermiester
Is this texts to a phone or a login verification code via email(like TwitchTV)? To the first, no effing way! They have no rights to a phone number. To the second, it's irritating, but doable. Is there an opt-out option?
Posted on Reply
#4
londiste
lexluthermiester
Is this texts to a phone or a login verification code via email(like TwitchTV)? To the first, no effing way! They have no rights to a phone number. To the second, it's irritating, but doable. Is there an opt-out option?
Choice of one out of three - email, SMS or Authenticator (Google, Lastpass, Microsoft, Authy are brought as examples).
It is not mandatory, the only part that requires 2FA is getting (some) free games.
Posted on Reply
#5
Vayra86
It should be mandatory though... and not specifically linked to phones but any contact address. Which EGS has... but some sites and orgs. don't.

And PSA if you're still thinking 'wut 2FA'... you want it, you need it, especially for anything that holds any sort of value.
Posted on Reply
#6
Fizban
I disagree that it should be mandatory. It's a great feature, but I don't approve of companies trying to protect users from themselves.
Posted on Reply
#7
Frick
Fishfaced Nincompoop
Fizban
I disagree that it should be mandatory. It's a great feature, but I don't approve of companies trying to protect users from themselves.
No one else will, certinaly not the users.

For this kind of thing I'm not a huge fan of 2FA for every login. OTOH I almost never log in to this so whatevs.
Posted on Reply
#8
Regeneration
NGOHQ.COM
Epic Games finally figured out everyone registered to their store to play Fortnite or to claim free games with no intentions to spend a dime there.
Posted on Reply
#9
FordGT90Concept
"I go fast!1!11!1!"
Fizban
I disagree that it should be mandatory. It's a great feature, but I don't approve of companies trying to protect users from themselves.
Website requires an email to create an account so 2FA using email should be industry standard. 3FA (using something other than email) should be optional. It would cut down on a lot of impersonations/fraud/cyberattacks.
Posted on Reply
#10
Vayra86
Frick
No one else will, certinaly not the users.

For this kind of thing I'm not a huge fan of 2FA for every login. OTOH I almost never log in to this so whatevs.
Most 2FA systems also have a known devices list. I almost never have to go through 2FA procedures these days.
Fizban
I disagree that it should be mandatory. It's a great feature, but I don't approve of companies trying to protect users from themselves.
Its also protecting others, in much the same way as anothers' identity fraud can also damage you. And on a quality of life level, having genuine accounts means you also have genuine players (Mostly) and less cheaters/hacks. Its an elegant way to keep anonymous users identifiable.

I do agree with the general principle that people should be smarter and all that... but that is theory, practice is that even the most diligent users will have security full of holes and nobody can predict the next hack.
Posted on Reply
#11
windwhirl
lexluthermiester
Is this texts to a phone or a login verification code via email(like TwitchTV)? To the first, no effing way! They have no rights to a phone number. To the second, it's irritating, but doable. Is there an opt-out option?
There is a choice for authenticator apps. In my case, I used Microsoft Authenticator: just open the app, show it the QR code that Epic gives you and that's it.
Posted on Reply
#12
holyprof
I am against forced 2FA (or anything forced). But they are giving the users high-quliaty free games, so I find that acceptable.

Now other types of forced things like what Activision-Blizzard and EA force down user's throats, I'm not OK with those.
Examples of forced crap:
- EA's activation limit on games. If you reinstall the OS on your PC 5 times, buy the game again;
- Blizzard: My WarCraft III Collector's Edition is blocked and I'm forced to buy the "Remastered" version which is worse than the original. Did they took a page from EA's book?
Posted on Reply
#13
Fizban
I've installed Origin games many times on many PC's. Never ran into an activation limit.
Posted on Reply
#14
holyprof
Fizban
I've installed Origin games many times on many PC's. Never ran into an activation limit.
Maybe they removed it, after "winning"
"worst company in America" Golden Poo award
link
for, how many, 5 years in a row?
Posted on Reply
#15
lexluthermiester
Regeneration
Epic Games finally figured out everyone registered to their store to play Fortnite or to claim free games with no intentions to spend a dime there.
And I'll bet there's a ton of that going on.
FordGT90Concept
Website requires an email to create an account so 2FA using email should be industry standard.
This is the only thing I will tolerate.
FordGT90Concept
3FA (using something other than email) should be optional.
This however, is unacceptable.
FordGT90Concept
It would cut down on a lot of impersonations/fraud/cyberattacks.
There are better ways to cut down on those kinds of things.
windwhirl
There is a choice for authenticator apps. In my case, I used Microsoft Authenticator: just open the app, show it the QR code that Epic gives you and that's it.
No thanks.
Posted on Reply
#16
Wshlist
holyprof
I am against forced 2FA (or anything forced). But they are giving the users high-quliaty free games, so I find that acceptable.

Now other types of forced things like what Activision-Blizzard and EA force down user's throats, I'm not OK with those.
Examples of forced crap:
- EA's activation limit on games. If you reinstall the OS on your PC 5 times, buy the game again;
- Blizzard: My WarCraft III Collector's Edition is blocked and I'm forced to buy the "Remastered" version which is worse than the original. Did they took a page from EA's book?
Asking people to install origin or similar for both paid AND free games is way way WAY worse than 2FA (via email).
Personally I think you should only install that crap on separate PC's dedicated, and only used, for gaming, and only if you really 'MUST have that game they got the rights to'.
Posted on Reply
Add your own comment