Repro steps:
- Log-in to your account on a PlayStation device (a PS5 was used in this case)
- Log-out
- Switch PS accounts to another user (not sure if this is required)
- Attempt to log-in with the Quick Log In feature (QR code or Quick Log In code)
- Observe results
- Disable 2FA on your account and attempt to log in with username and password (console doesn’t support 2FA)
- Observe results
- Turn 2FA back on, you’re account is vulnerable to being hacked/pwned/beamed etc without it
Expected behavior:
I can log in to my account after logging out, and if I can’t, it’ll tell me why.
Actual behavior:
Quick Log In silently fails. It’ll say “Confirming log in to J******** on your other device” above the QR code, but nothing will happen. Oddly, checking the “Security” tab in the Settings page for a logged-in device will say that the console has occupied a “PlayStation App” slot.
However, the app seems to ignore the security token it should supposedly have according to my Security page, and restarting the app will prompt me to log in again.
Then, using the username + password login, it’ll give me the reason the login is failing: I am on a cooldown because I logged into the console within the last 90 days.
This is a terrible UX bug. Also, is there a way to bypass the 90-day cooldown? It seems a little pointlessly excessive, unless I’m missing a button somewhere.
Also worth noting; doing quick login again on the same QR code/QL code when it’s gotten stuck on “Confirming login” will result in the textbox where you enter the code having the error message “Something went wrong” in red below it. This is also pretty bad UX.