Browser Update Required

In order to fully experience everything this site has to offer, you must upgrade your browser. Please use the links below to upgrade your existing browser.

Cookies Required

Cookies must be enabled in order to view this site correctly. Please enable Cookies by changing your browser options.

2FA Required to Trade on MTGO

Posted on Aug 27, 2024

Greetings! Starting tomorrow, August 28, we will be adding a layer of account security to Magic Online by requiring that players must have Two-Factor Authentication (2FA) enabled on an account to be able to trade from it. 

Player-to-player object trading is a powerful, increasingly rare feature in online games that we are proud to offer on Magic Online. However, with great power comes great exploitability! If a bad actor gains access to your Magic Online account, they can trade away your entire collection out from under you before you know it. 

Recognizing this, one of the first features Daybreak Games brought to MTGO after taking the reins was Two-Factor Authentication, a tool that makes it so that simply stealing your password is not enough for someone to be able to break into your account and swipe your digital stuff.  

While many players rejoiced and added this layer of security as soon as it was available, many others have declined the option, and we have seen continued instances of account compromise and collection theft. For newer and lighter Magic Online players, there might not be enough in their collections to warrant extra protection. For players who engage with the trade system, though, the potential for devastating losses via theft is much higher. 

Accordingly, like most technology platforms that store things of value behind digital security measures, we will be requiring accounts to have Two-Factor Authentication enabled to be able to trade on MTGO. It’s super easy to set up, and it won’t even add extra hassle to your regular logins! Magic Online 2FA only bugs you for the second factor when logging in from a new computer or a fresh installation of the client—once you set it up, 2FA protects your account unobtrusively. 

We wanted to give you a heads up and explain our reasoning behind this requirement, but if we go on much more, it will probably take you longer to read this article than it will to enable 2FA on Magic Online! Let’s wrap this up and let you all get back to slinging spells! 

If you have questions or feedback, Twitter and Discord are your best bets for reaching us. If you are having trouble enabling 2FA, you can submit a Support ticket and our team will assist as soon as they are able. 

See you on the battlefield! 

How to Enable 2 Factor Authentication

Enabling 2FA on MTGO

To give all players access to this security, we're offering two different forms of 2FA: email-based and authenticator-based. This allows all players to enable 2FA via their registered email addresses, while enabling authenticator-based 2FA for those who prefer that layer of security. To add 2FA protection to your account, click the gear icon in the upper right corner of Magic Online to access your settings, then click the “Account Settings” option on the left side of the window:

                                                    

Under the “Profile” section of Account Settings, you will find the 2FA settings:

To turn on 2FA, you will be asked for your account password and the 6-digit code sent to the email associated with your account. Requiring two factors to turn on two-factor authentication prevents a bad actor who accesses an account without 2FA enabled from being able to enable it themselves.

Email-based 2FA works the way enabling it did, by sending a unique code to your registered email address when you attempt to log into your MTGO account from a new device, or after 30 days on a device 2FA remembers. You will be prompted to enter this code to verify your identity after entering your username and password. This method provides a simple and straightforward approach to 2FA. The only requirement is access to your email account, something most of us have on our mobile devices.

The second method we're introducing is authenticator-based 2FA. This method involves using an app, often referred to as an authenticator, to generate unique codes for account verification. When setting up this form of 2FA, you will confirm your identity via an email code, at which point you can use the QR code or enter the numeric code to set up your Magic Online account on your authenticator app.

When you log into your MTGO account from a device for the first time with authenticator 2FA enabled, you'll enter your password and then be asked to provide the code displayed on your authenticator app.

The benefit of offering two distinct methods for 2FA is that players have the freedom to choose what suits them best. If you frequently access your email and find it more convenient, the email-based 2FA might be your best fit. If you like the idea of having codes continually refreshed and at your fingertips via your mobile device, or you already use an authenticator for other services, the authenticator-based 2FA might be more to your liking.

Game On, Securely!

MTGO is not just a game. It's a community of players with a shared passion for Magic’s deep strategic gameplay and its opportunities for competition and collecting. Each account is a unique representation of a player's journey through the MTGO universe. By introducing 2FA, we aim to ensure that this journey is secure, and that each player can focus on the exciting challenges and experiences that MTGO has to offer.

Two-Factor Authentication is more than just a security feature; it's a commitment to safeguarding your digital assets, your personal space in the MTGO community, and the integrity of the game itself. So stay safe, and happy gaming, planeswalkers! Magic Online awaits you, now more secure than ever!