Activision is giving away free experience points (XP) to teach gamers about the importance of two-factor authentication (2FA). The company will specifically be offering a reward to Call of Duty players that enable 2FA on their Activision accounts, giving them two tokens that can each can be redeemed for an hour-long double battle pass XP session in Call of Duty games.
In layperson’s terms, that means that the players will get twice as many in-game experience points as they normally would during each of those one-hour windows. The prize itself is relatively minor, but it does give players an additional incentive to implement a security measure that is already in their best interest.
Activision is not making two-factor authentication mandatory, but it is hoping that the offer will encourage more players to sign up for the program. The company has historically struggled with security across its entire Call of Duty franchise, and recently banned more than 15,000 Call of Duty: Warzone accounts for transgressions ranging from cheating to racist and otherwise toxic behavior. More than 350,000 players have been banned across all Call of Duty titles in the past 12 months, while 500,000 have been banned in Call of Duty: Warzone over the course of the game’s full lifecycle.
The Activision 2FA system relies on one-time passwords. Players that activate the feature will still need to enter their email and password as they normally would when they log into their account. However, they will then be asked to input a one-time code from a third party generator app in order to complete the sign-in process. That code provides an additional layer of security that prevents hackers from gaining access to someone else’s account.
Activision is not the first gaming company to highlight the benefits of two-factor authentication. Epic Games made 2FA a mandatory requirement for anyone looking to pick up a free game on its Epic Games Store during a promotional period last spring, while Nintendo has repeatedly encouraged players to adopt 2FA in response to a string of fraudulent account takeover attacks.