Epic Games has announced a host of security measures to keep Fortnite, Epic Games Store, and Unreal Engine users safe from cybercriminals, in a bid to safeguard the interest of gamers. The most notable one of them is multi-factor authentication (MFA) via dedicated authenticator apps and email, with SMS-based authentication set to arrive soon. Moreover, Epic Games will employ detection techniques to make sure that the emails used for logging in to Epic Games services have not been compromised elsewhere, aside from helping them choose a strong password by integrating ‘Have I Been Pwned' during the password reset or account creation process.
Starting with Multi-Factor Authentication (MFA), Epic Games mentioned in an official blog post that users can now boost the security of their account by opting for multi-factor authentication. As of now, one can choose between using an authenticator app or receiving the 2-factor key on their registered email account.
Epic Games has revealed that it will soon enable support for SMS-based 2-factor authentication as well. As an incentive for enabling MFA, the Fortnite developer is giving away a free Boogie Down emote in the smash hit title. Moreover, Epic Games has also started using the “Pwned Passwords list (v4)” by “Have I Been Pwned” to make sure that the passwords are strong and haven't been compromised in the past.
Moreover, the game developer will also make email verification mandatory for all new Epic Games accounts in the near future. Although, existing users also can go through the account verification process anytime they want. The studio will be adding a host of account detection techniques throughout 2019, making sure that an email linked to Epic Games account and another third-party service has not been compromised.
And in case the email is found to be used on a service that has been compromised in the past, Epic Games will lock the account and will ask users to reset their password. The developer states that even though the Epic account system has not been compromised, the common email used on another service - particularly one whose security has been breached – might jeopardise the security of users' Epic Games account. “However, specific individual Epic accounts have been compromised by hackers using lists of email addresses and passwords leaked from other sites which have been compromised," Epic Games says.