Ya'll need something to get rid of bots? Try this

Lost Ark phone app like a mobile authenticator. requires you to do a “human test” like those ones that ask you to poke all the pictures that are boats or trains or whatever. make your own “find all the mokoko seeds” or whatever makes you happy

after you complete the test your account is unlocked

BUT every time you talk to an NPC, harvest a material, queue for a dungeon, etc. there’s a chance your phone will beep and your authenticator will tell you to complete another human test or your account is locked out. give you like 10-15 minutes to do it whatever

now this is annoying for sure. but the longer you play the game and the more of these you complete. the more sure the system is that you’re a real human. so eventually it will test you less and less

also if you spam chat your “human test” frequency should go up lol

This suggestion would be too hard to implement and too unwelcome. All they need is 2-step or 3-step verification on login. 1-step: password. 2-step: Random one-time use code from RSA token or NETIQ program. 3-step: after the first two are completed, registered email or phone gets a new one time use code sent to you. All this should take about 2 minutes on login. considering how long it takes to load the game an extra two minutes to get verified wont hurt anyone. Since bots are done automatically, having to input two randomized one time use codes from two different sources they cannot hack makes deleting and permanently removing these accounts easier. You think the botters are going to want to constantly check and enter codes from email and RSA tokens/ authenticator programs. And even if they do, once they are found botting and get banned the associated phone/ email also gets banned.

The simplest is that trusted accounts can be auctioned

That is whole other problem. I mean people will always find was around any kind of control system. The key is to make it as hard as possible and even frustrating to do so. At the moment botters advertise openly on the web and fear no reprisal or policing action.

You really think they will engage in this kind of implementation just for us ?

And this is where we’re back to the argument of, “Not everyone has smart phones.”

2FA is crackable. 3FA wouldn’t be any more secure for very long.

Short explanation: RNG isn’t actually random. All of those one-time passwords are created by an algorithm that can be reverse engineered.