EDIT: In light Sandy Hoey poiting this one out to me, I shall probably list the reason why I want this feature to be toggle so badly:
I live an extremely mobile lifestyle, which results in constantly changing location and IP. This may result in several verifications PER DAY. More importantly, I also rely mostly on cyber-cafes to game. Which means I very rarely use the same computer twice to game. Again, it may result in several verifications per day. Sure, each verification only takes from 30 seconds up to 2 minutes depending on connection speed. But keep in mind, that those 30 second to 2 minutes are part of playing time that I actually pay for, with real money to game. Now stack 30 seconds up to 2 minutes, up to times 20 per month if you game at a cyber cafe 20 times a month. That's 600 up to 2400 seconds, of paid for gaming time, wasted on verification, per month. That's up to 40 minutes. And that is with only 20 verifications. If you play every day, and maybe even several times a day on weekends, that can go up to 40+ verifications per month. That's from 1200 up to 4800 seconds of paid for game time wasted in paid for game time. That's right. From 20 minutes, up to a hour and 20 minutes lost to verification, a month. Now multiply per 12 to have the figure for a year. That's up to 16 hours. Let's take my case as an example even further. I've been playing osu for a minimum of 5 years. Maybe even 6 at this point. Let's take 5 years. That'll make a total of 80 hours. If you pay for your gaming time on a per hour basis, as with a lot of internet cafes, that's 80 hours one will pay for, JUST for verification. That it is roughly 72000 times that I will need to verify my account (calculations were made assuming 40 verifications per month and that each month has 30 days). That is a lot of money lost for a security feature which I don't even need in the first place because I have never failed to secure my account without it, not once.
So hear this one out.
See this account verification security feature? The one which requires you to constantly login to your e-mail everytime you change location or computer? It needs to either be completely gone and be togglable. Why might you ask? Hear me out:
1. It's not as effective as other, more practical safety measures.
Having the user to constantly verify their account is a hassle. A hassle in a game which is supposed to be easy to install and play right off the bat. And it's strategically unsound: it wastes the player's time when everything is fine, the player is in possession of their account, playing safely, yet they still to have waste time by verifying. Why not have the player needing to verify and contact support only when something is wrong? I.e. when the password is forgotten, when there is evidence of account sharing or when someone steals/scams the account away.
2. It does not prevent account sharing.
If this security feature has been implemented as a deterrent to account sharing then ... It's utterly pointless. An account can be shared as easily as creating a dummy e-mail, then give the password to said e-mail to anybody who the user wants to share with. Sure, now the share-user has to write down two passwords on a paper instead of one, but they still will have access to the account just as easily as they used to.
3. It's does not increase safety.
It's much easier for a hacker to break into an e-mail address than into osu. Matter of fact, it's as easy as breaking into the e-mail and then requesting a new password from osu. They don't even need to break into osu. More importantly, do you really think that just because you warn users to not have the same password on their e-mail and on osu, doesn't means that they will actually do it. The increase in security is minimal.
4. Osu! is not a swiss bank.
You know steam, right? That platform on which some players have accounts worth way beyond a few thousand dollars? Yep, them. They have a similar account verification process. And guess what? It can be disabled for user convenience. That's right. Accounts which can be worth several thousand dollars can have security features not wanted by the users turned off for user convenience. Now if we try to figure out why in the world is this account verification mandatory with osu!, we're at an impasse. The most expensive thing that hackers can "steal" from an osu! account is subscription time. And even then, more often than not, the user will get their account back before said supporter time runs out. Hell, even stats are not as important. Steam collects stats on games which are played into world game championships. Several of these games. And they STILL allows the verification to be turned off. What is it so precious that osu! has to guard to limit player convenience in such a dramatic way?
5. Convenience.
That is EXTREMELY important. I'll take my own case as example, but I'm sure I'm not the only one in such a situation. I often play osu on different computers or at different locations, including internet cafes. Sometimes I pay just for 30 minutes of computer usage. If I have to authorize, every time I change computers, not only it becomes extremely annoying, time wasting and repetitive, but it also stacks up as wasting my paid for game time. Verifying can take anywhere between 30 seconds up to 2 minutes depending on connection speed. Stack this up a couple dozen times for each time you have to verify, and you'll get a LOT of time lost because of a forced, unwanted security feature.
6. Promoting account fraud.
Now this one is blatant. This security feature is actually counterproductive to what the osu! team has been trying to achieve for so long, and that's the one-account policy. Because of this poorly implemented, mandatory, crude and over-zealous security feature, I now can't play the game with friends online. At all. I have to wait through a lengthy support process, I have to write into forums and waste everybody's time, including mine and yours. Now I do this because I have an issue with bending the rules. But the first though that came into my mind? Here, I'll quote it:
"I just came from a hard night of work, at 1 in the morning and I want to have fun and relax with my friends. But because of a draconian and useless security feature, I can't access my account. Well, I just want to make a new one". Yup. That's right. Now I didn't do this and instead prefer to talk it out with you guys. But how many people actually did this, because YOU pushed them to it with an unwanted, unsafe, poorly implemented, repetitive and annoying safety feature? ... Think about it.
Here are just a few reasons for which I want to see this feature permanently gone, or at least to see a switch somewhere in our profiles where we can easily disable this crude, laughable initiative at security which, frankly, fell flat on it's face. I'm sure the community may find even more reasons and flaws in this feature.
/discuss
EDIT:
Reason #7: No need for handholding
If this forced security feature has been introduced to legitimately battle people losing access to their accounts ... I would like to actually see some study done to see how much people did have their accounts stolen. In percentage. In ... I don't even remember ... 5? 6 years? ... In all this time, I never once have lost my account or had it stolen. Not. Once. I'm sure many people here are in the same situation. In fact. I'm sure the VAST MAJORITY of players never once had their accounts stolen. Without this useless feature. Why? Because many players are aware of their actions and can already maintain their accounts safe without forced security feature which hold their hands. Why force this majority of players into extra hassle for extra security they don't need? To be honest, it's a little insulting to me that the osu! team implies that I'm too stupid to ensure my account safety without a draconian, obligatory safety feature ...
I live an extremely mobile lifestyle, which results in constantly changing location and IP. This may result in several verifications PER DAY. More importantly, I also rely mostly on cyber-cafes to game. Which means I very rarely use the same computer twice to game. Again, it may result in several verifications per day. Sure, each verification only takes from 30 seconds up to 2 minutes depending on connection speed. But keep in mind, that those 30 second to 2 minutes are part of playing time that I actually pay for, with real money to game. Now stack 30 seconds up to 2 minutes, up to times 20 per month if you game at a cyber cafe 20 times a month. That's 600 up to 2400 seconds, of paid for gaming time, wasted on verification, per month. That's up to 40 minutes. And that is with only 20 verifications. If you play every day, and maybe even several times a day on weekends, that can go up to 40+ verifications per month. That's from 1200 up to 4800 seconds of paid for game time wasted in paid for game time. That's right. From 20 minutes, up to a hour and 20 minutes lost to verification, a month. Now multiply per 12 to have the figure for a year. That's up to 16 hours. Let's take my case as an example even further. I've been playing osu for a minimum of 5 years. Maybe even 6 at this point. Let's take 5 years. That'll make a total of 80 hours. If you pay for your gaming time on a per hour basis, as with a lot of internet cafes, that's 80 hours one will pay for, JUST for verification. That it is roughly 72000 times that I will need to verify my account (calculations were made assuming 40 verifications per month and that each month has 30 days). That is a lot of money lost for a security feature which I don't even need in the first place because I have never failed to secure my account without it, not once.
So hear this one out.
See this account verification security feature? The one which requires you to constantly login to your e-mail everytime you change location or computer? It needs to either be completely gone and be togglable. Why might you ask? Hear me out:
1. It's not as effective as other, more practical safety measures.
Having the user to constantly verify their account is a hassle. A hassle in a game which is supposed to be easy to install and play right off the bat. And it's strategically unsound: it wastes the player's time when everything is fine, the player is in possession of their account, playing safely, yet they still to have waste time by verifying. Why not have the player needing to verify and contact support only when something is wrong? I.e. when the password is forgotten, when there is evidence of account sharing or when someone steals/scams the account away.
2. It does not prevent account sharing.
If this security feature has been implemented as a deterrent to account sharing then ... It's utterly pointless. An account can be shared as easily as creating a dummy e-mail, then give the password to said e-mail to anybody who the user wants to share with. Sure, now the share-user has to write down two passwords on a paper instead of one, but they still will have access to the account just as easily as they used to.
3. It's does not increase safety.
It's much easier for a hacker to break into an e-mail address than into osu. Matter of fact, it's as easy as breaking into the e-mail and then requesting a new password from osu. They don't even need to break into osu. More importantly, do you really think that just because you warn users to not have the same password on their e-mail and on osu, doesn't means that they will actually do it. The increase in security is minimal.
4. Osu! is not a swiss bank.
You know steam, right? That platform on which some players have accounts worth way beyond a few thousand dollars? Yep, them. They have a similar account verification process. And guess what? It can be disabled for user convenience. That's right. Accounts which can be worth several thousand dollars can have security features not wanted by the users turned off for user convenience. Now if we try to figure out why in the world is this account verification mandatory with osu!, we're at an impasse. The most expensive thing that hackers can "steal" from an osu! account is subscription time. And even then, more often than not, the user will get their account back before said supporter time runs out. Hell, even stats are not as important. Steam collects stats on games which are played into world game championships. Several of these games. And they STILL allows the verification to be turned off. What is it so precious that osu! has to guard to limit player convenience in such a dramatic way?
5. Convenience.
That is EXTREMELY important. I'll take my own case as example, but I'm sure I'm not the only one in such a situation. I often play osu on different computers or at different locations, including internet cafes. Sometimes I pay just for 30 minutes of computer usage. If I have to authorize, every time I change computers, not only it becomes extremely annoying, time wasting and repetitive, but it also stacks up as wasting my paid for game time. Verifying can take anywhere between 30 seconds up to 2 minutes depending on connection speed. Stack this up a couple dozen times for each time you have to verify, and you'll get a LOT of time lost because of a forced, unwanted security feature.
6. Promoting account fraud.
Now this one is blatant. This security feature is actually counterproductive to what the osu! team has been trying to achieve for so long, and that's the one-account policy. Because of this poorly implemented, mandatory, crude and over-zealous security feature, I now can't play the game with friends online. At all. I have to wait through a lengthy support process, I have to write into forums and waste everybody's time, including mine and yours. Now I do this because I have an issue with bending the rules. But the first though that came into my mind? Here, I'll quote it:
"I just came from a hard night of work, at 1 in the morning and I want to have fun and relax with my friends. But because of a draconian and useless security feature, I can't access my account. Well, I just want to make a new one". Yup. That's right. Now I didn't do this and instead prefer to talk it out with you guys. But how many people actually did this, because YOU pushed them to it with an unwanted, unsafe, poorly implemented, repetitive and annoying safety feature? ... Think about it.
Here are just a few reasons for which I want to see this feature permanently gone, or at least to see a switch somewhere in our profiles where we can easily disable this crude, laughable initiative at security which, frankly, fell flat on it's face. I'm sure the community may find even more reasons and flaws in this feature.
/discuss
EDIT:
Reason #7: No need for handholding
If this forced security feature has been introduced to legitimately battle people losing access to their accounts ... I would like to actually see some study done to see how much people did have their accounts stolen. In percentage. In ... I don't even remember ... 5? 6 years? ... In all this time, I never once have lost my account or had it stolen. Not. Once. I'm sure many people here are in the same situation. In fact. I'm sure the VAST MAJORITY of players never once had their accounts stolen. Without this useless feature. Why? Because many players are aware of their actions and can already maintain their accounts safe without forced security feature which hold their hands. Why force this majority of players into extra hassle for extra security they don't need? To be honest, it's a little insulting to me that the osu! team implies that I'm too stupid to ensure my account safety without a draconian, obligatory safety feature ...