CLICK HERE TO VOTE FOR THIS SITE FEATURE

As I have explained in the link above, I feel it would be nice if GOG.com adds a second layer of protection to GOG.com Accounts so it would lower the possibility of an account to be hacked/hijacked. I am pretty sure the GOG.com team has put enough security to their accounts, but there are reasons why services like Steam and Origin have added a secondary protection layer to their accounts. Humble Bundle uses a third party service called Authy that forces an SMS verification during login, which seems to be good enough.
There isn't too much that can be achieved by hacking or hijacking a GOG account.

About all they can find is your username, DoB and email address and download the games you own (I suspect it would be faster to pirate the games).

Course they could cause havoc shit posting too but some people do that already.

The important stuff like bank details GOG does not store.
Well I don't store my bank details on Steam either, but that doesn't stop me from using Steam Guard. What you said does make sense but what stops a hijacker from changing the account email/password? So many services these days are using extra layers of protection to keep things secure. I don't know much about GOG's security, but it's very easy to login if you just know the email and password.
Post edited March 07, 2014 by archisbhatt
archisbhatt: what stops a hijacker from changing the account email/password?
If you know email and password, you can log in and change them. In which case the rightful owner creates a new account, contacts GOG support, supplies payment details of a previous purchase on them, and gets the account restored.
So you do lose a few days, but that is the most that can be lost from getting your email/password leaked.

Unless you use the same login information on multiple places, in which case it's the same as if I find your steam login, but not the steam guard info.
Required SMS verification is an instant no-go for me.

Giving a cell phone number to be stored in a database just doesn't sit well with me. All it needs is for someone to hack into that table, start signing those cell numbers up to various services, and users start getting spam SMS messages and mystery charges on their bills. No thanks.
archisbhatt: CLICK HERE TO VOTE FOR THIS SITE FEATURE

As I have explained in the link above, I feel it would be nice if GOG.com adds a second layer of protection to GOG.com Accounts so it would lower the possibility of an account to be hacked/hijacked. I am pretty sure the GOG.com team has put enough security to their accounts, but there are reasons why services like Steam and Origin have added a secondary protection layer to their accounts. Humble Bundle uses a third party service called Authy that forces an SMS verification during login, which seems to be good enough.
I don't have a cell phone so I cannot use sites that use SMS to authenticate users. If something like that comes here then I'll have to stop using GOG. Even if I had a cell it would not help as they don't work in my apartment.
I'm personally fine with the security here. And I'm extremely unwilling to hand over my cellphone number.
archisbhatt: what stops a hijacker from changing the account email/password?
JMich: If you know email and password, you can log in and change them. In which case the rightful owner creates a new account, contacts GOG support, supplies payment details of a previous purchase on them, and gets the account restored.
So you do lose a few days, but that is the most that can be lost from getting your email/password leaked.

Unless you use the same login information on multiple places, in which case it's the same as if I find your steam login, but not the steam guard info.
True, but something like SMS verification is perfectly capable of thwarting that and saving the GOG.com team and the user from the hassle of recovering the account. I am sure there are ways to bypass this as well, but I don't see anything wrong with more security!
archisbhatt: Well I don't store my bank details on Steam either, but that doesn't stop me from not using Steam Guard. What you said does make sense but what stops a hijacker from changing the account email/password? So many services these days are using extra layers of protection to keep things secure. I don't know much about GOG's security, but it's very easy to login if you just know the email and password.
At the end of the day no level of security is unbreakable, if someone wants to get your info they will do it no matter how much protection you try to use.

JMich answered your other concern. Most people use different passwords and login info (or they damn well should) for different things. But aside from what has been said, what more can a hacker do?

Worst thing I can see them doing is buying me a copy of VR Soccer and the folk at GOG not removing it from my shelf.
Grargar: I'm personally fine with the security here. And I'm extremely unwilling to hand over my cellphone number.
It doesn't have to be SMS verification. Steam Guard for example doesn't need your mobile number, it just sends a temporary unlock code to your email so you can unlock the account for use. I am just listing out the possible ways of making GOG.com accounts more secure!
archisbhatt: True, but something like SMS verification is perfectly capable of thwarting that and saving the GOG.com team and the user from the hassle of recovering the account. I am sure there are ways to bypass this as well, but I don't see anything wrong with more security!
A database leak means the attacker also has my phone number instead of just my email and salted password. I do consider that worse.
If the second layer is an (optional) e-mail verification, that would be better, since they would only use the already existing info. But that means that gaining access to the e-mail also gets access to the account.
archisbhatt: Steam Guard for example doesn't need your mobile number, it just sends a temporary unlock code to your email so you can unlock the account for use.
Steam also has 2 different things, username and e-mail, while GOG uses the e-mail as username. You could (in theory) have one email address as username and a second for authentication, but that goes back to the database leaking thing.

Should there be any monetary value in a GOG account (GOG wallet for example), I'm all for an authenticator ala Blizzard. Until then, I do find it more of a hassle than it's worth.
Personal opinion though.
Post edited March 07, 2014 by JMich
Grargar: I'm personally fine with the security here. And I'm extremely unwilling to hand over my cellphone number.
archisbhatt: It doesn't have to be SMS verification. Steam Guard for example doesn't need your mobile number, it just sends a temporary unlock code to your email so you can unlock the account for use. I am just listing out the possible ways of making GOG.com accounts more secure!
In regards to Steam, if I log out of Steam it never knows that it's me logging back in and I have to verify it every time. Now I can understand that when my VPN is on or when my IP was not static, but it is more annoying than anything.
archisbhatt: True, but something like SMS verification is perfectly capable of thwarting that and saving the GOG.com team and the user from the hassle of recovering the account. I am sure there are ways to bypass this as well, but I don't see anything wrong with more security!
JMich: A database leak means the attacker also has my phone number instead of just my email and salted password. I do consider that worse.
If the second layer is an (optional) e-mail verification, that would be better, since they would only use the already existing info. But that means that gaining access to the e-mail also gets access to the account.
All the services that I have used come with an optional protection layer. You really don't have to use Steam Guard to gain access to your Steam account (Hence making it a simple yet less secure login process), same with Origin and Humble Bundle.
archisbhatt: True, but something like SMS verification is perfectly capable of thwarting that and saving the GOG.com team and the user from the hassle of recovering the account. I am sure there are ways to bypass this as well, but I don't see anything wrong with more security!
JMich: A database leak means the attacker also has my phone number instead of just my email and salted password. I do consider that worse.
If the second layer is an (optional) e-mail verification, that would be better, since they would only use the already existing info. But that means that gaining access to the e-mail also gets access to the account.
I think this is something that should be done carefully. There's a good selection of ways in which 2nd factor can work, and they don't all rely upon sensitive information.

Personally, I'd kind of like them to add One Time Passwords so that we don't have to have as much faith in the people writing 3rd party downloaders to be honest and code the program securely.
archisbhatt: You really don't have to use Steam Guard to gain access to your Steam account (Hence making it a simple yet less secure login process), same with Origin and Humble Bundle.
Steam Guard is required though to trade and/or use the community market. So without Steam Guard, the worst thing that can happen is getting a VAC ban, and/or buying an unwanted game (since the hijacker will not be able to trade it). So the "secure" feature of steam is required if you wish to use the wallet fully.
No idea about Origin and HB, since HB hasn't asked for extra security, and I don't have an Origin account (yet?)