Those that know me know that i have been collecting the Funko NFT's since the start completing each royalty to get the Freddy's and occasionally getting the full set if it was something i desperately wanted (aka the power ranger set). I have had no issue at all with redemption and even tho some were delayed it was no bother.
When Droppp.Io started there 2FA i jumped on it as fast as i could because god knows i didn't want a hacker getting into my account. I downloaded and used the Google Authenticate App to hold my 2FA codes because we all know google is as trustworthy a company as they can get.
I did redemption after redemption and All was right with the world but then last month when the new Iphone came out i was offered the Upgrade. I thought Sure might as well my ones 3 years old and i can give my second hand one to my mum. When i got the phone i did a data migration so everything that was on my old phone was moved to the new phone and when it reached 100% i took the old phone to apple to make sure it was all good before giving it to my mum. When i did this tho apple wiped the phone back to factory settings and gave it back to me.
That didnt hurt because i was going to do it myself and i then put my mums info from her phone onto the new one and she was over the moon.
At this stage we Fast Forward to the Funko Halloween drop and when i go to log in i look at the Google Authenticate App and none of my codes are there. I figure "oh new phone so i must have to download them", But when i try and find any info on how to download them i cant find much and it takes quite a bit of googling (as if they are trying to hide it) to find out that Any 2FA codes you put on your phone are solely held on that phone and if you change phones you are ment to go into the app and move them over to the new phone.
Now to me this seems stupid because what if someone's phone gets wiped, Stolen or if you accidently delete the app, I then looked at the reviews on the app store and its flooded with situations of this happening. At this stage i start panicking a bit because i put a good amount of time and effort into my collection. I then go to the Droppp.io and Wax discords to find out what to do, the admins of those discords tell me to contact them by email.
When i contacted wax they told me there was nothing they could do atm because they haven't put the ability in place to allow people to unlock or remove 2FA. This sucked but wasn't to bad because i didn't have any wax on my account i only used it to buy the ones i needed for my sets.
BUT my droppp.io account was the issue. I contacted the admin dan and after 4 emails he said he just couldn't do anything because it was against there policy's to allow people back into accounts if they don't know there passphrase. The passphrase they gave when i activated 2FA was a large one so like a smart person i put it on my phone to keep it safe......sadly when my phone was wiped by apple the area it was stored was also wiped.
So at this stage i start begging to be able to get back into my account. I send them my passport, my ID, my disability card, my bank card the address i have shipped all my redemptions to and even a video of me showing all this info to prove that it is me. Dan then said he still couldn't and i asked if i could speak to someone higher up. He did but also said they would probably say the same thing, I thanked him and then i was transferred to Patrick.
Patrick informed me he would look over all the information and get back to me, at this stage i started feeling a bit hopeful because he seemed receptive and was gonna look at everything proving to them that i am who i say i am so i could get back into my account.
It was at that stage that Patrick informed me that he and no one before him had looked at my passport or any of the supporting information that i sent and that because they don't ask for a passport ect when making accounts it wouldn't matter if i supplyed it to them. My heart sank and i said i would do anything to prove who i am and just get back in because the new redemption of the MLP royalty was coming up and i didnt want to miss it. He said he understood and would work and see how we could get this situation sorted out, he told me he would get back to me in 2 weeks.
Again i started feeling hopeful that it would be fixed. But then 2 weeks came and then 3 and 4 and each of those weeks after the first 2 i sent a follow up email to check in and didnt hear a reply. That is Until Thursday, On Thursday i got a reply from patrick after 5 weeks saying
"Hi RedRoo, the issue is that we are not able / set up to handle KYC information for customers. Even if we were, we did not collect that information from you when you created your account so even with such info it doesn't prove you were the original creator of the account. Unless you can find your 2FA recovery phrase you will not be able to regain access to your account.
Regards,"
I emailed him back saying i was begging him to allow me back into my account, Even tho i was emailing him from the account that it was set up with even tho with the ID i provided i was who i said i am, i even said i would show him my old passport that was out of date to prove more so that i am who i am but i got this response.
"Hi RedRoo, I am not in any way suggesting you are a scammer but we have policies and procedures we have to follow. I feel for you being in this unfortunate situation but this is why we put up the warning about saving the recovery phrase when enabling 2FA. Please do not send your passport.
Regards"
It was at that stage i replied with a more aggressive tone but didnt swear because that gets you no where. I brought up the fact that what if someone accesses someone's account before 2fa is activated on there account and makes it themselves. is the person up s*** creek without a paddle? I reminded them that the recovery phrase was on the phone that got wiped. I told him that im angry and just p*** off at this hole situation.
Later that night around 12 hours since i sent the email i had calmed down and sent another off apologizing with the tone of the email, that i was just emotional because i had been collecting these over a year and built a collection worth over $3000usd which is over $5000aud.
I asked as a last ditch effort that would it be possible if someone there an employee could redeem the accounts tokens and post them all to the address that everyone of my previous ones went to.
I have yet to hear back but i don't have any hope left and honestly since have been in a major depression.
My biggest takeaway that i could share is if you are using a 2 Factor Authenticator DO NOT USE GOOGLE AUTHENTICATE, its a crap app and google should fix the major hole in it. I have Found and started using Authy, Its a 2FA that uses an account you make and holds the codes on there cloud and makes it password protected to get back in if you lose access to your phone or anything elce. They also ask you to change your password monthly for security.
These are the pops that i will sadly not be receiving anymore unless i try and buy them again which honestly i doubt i will with the cost involved.
](./images/smilies/eusa_wall.gif "Brick wall")
Don't give up, hopefully u bothering them will get them motivated to get this problem fixed.. I hope this story has a happy ending
Original Funko FunKlub #1188
