Forum Software Update - We updated the site to the latest version of vBulletin and you might have noticed that the text editor changed. If you want to revert back to the old editor go at the bottom of your profile settings and select the Basic or Standard editor.

Battle.net Authenticator Changes
Originally Posted by Zarhym (Blue Tracker / Official Forums)
If you use an authenticator – and we hope you do – you may soon notice that an authenticator prompt may not appear with every login. We’ve recently updated our authentication system to intelligently track your login locations, and if you’re logging in consistently from the same place, you may not be asked for an authenticator code. This change is being made to make the authenticator process less intrusive when we’re sure the person logging in to your account is you.

We hope to continue improving the authenticator system to ensure the same or greater security, while improving and adding features to make having one a more user friendly experience. If you don’t already have a Battle.net Authenticator attached to your account, don’t wait until it’s too late - http://us.battle.net/en/security/checklist
This article was originally published in forum thread: Battle.net Authenticator Changes started by Boubouille View original post
Comments 407 Comments
  1. MintJam's Avatar
    I think it'd be neat if they made it into an optional feature for those players who are paranoid enough to not like this. Personally it'll save me from having to strain my eyes in the dark at night trying to read the numbers.
  1. Tinykong's Avatar
    As long as there is an option to disable this system, I don't have a problem with it. I would prefer to be able to skip this step, because my authenticator is on my phone, and it isn't always nearby when I want to log on.
  1. skylla05's Avatar
    I have to agree with one of the posters in the official thread. People don't give these guys enough credit. While exploits will always exist for everything, regardless of the precautions you put in place, Blizzard isn't stupid enough to present something of this magnitude without doing the research first. The script kiddies in the (official) thread and twitter presenting examples of how to break it are being asinine and have no clue how it works. I'm not going to claim ignorance, seeing how I don't know how it works either, but I think people are overreacting just a little. Maybe an opt out would be a decent idea just to appease the rumblings if one could be implemented.

    While I don't blame people for being a little cautious, and rightfully so... ease up on the pitchforks.
  1. Gramexer's Avatar
    Quote Originally Posted by poachingbear View Post
    This new change is not liked by me at all. What if somebody managed to take my laptop when i wasnt looking? Accounts could be hacked soo easily, waste of an authenticator. And to save time when youre dc'd in a raid? It takes two seconds to enter in a SIX digit number...
    It's ===8=== For iOS and Android authenticator !1
  1. Kujja's Avatar
    Quote Originally Posted by Taiki420 View Post
    Terrible. Every time I have friends over for a Raid (they bring their laptops to my place since I have the best internet) we're going to have to deal with crap.Or (OMG ACCOUNT SHARING) when a friend gets stuck in sw and cant log back in during peak times, I usually log them in and run them out of the city.As for me, entering 6 numbers isn't a hassle, and takes 5-10 seconds at most. Lazy Lazy.
    What's stopping you still doing that? If it asks you for an authenticator code then it will be as it is now.
  1. Mewtwo's Avatar
    I have yet to really hear a solid reason this is bad. People need to stop being so paranoid. Have a roommate? Share a computer? Don't let others know your password. Problem solved.
  1. frank2312's Avatar
    Quote Originally Posted by Tilie View Post
    I don't want them to know where I am! O_o
    They already do...
  1. Puffman's Avatar
    Quote Originally Posted by Tilie View Post
    I don't want them to know where I am! O_o
    They already do.
  1. Mewtwo's Avatar
    Quote Originally Posted by Needalight View Post
    Let me get this straight, your password can still get keylogged from your computer, (point a) but the other person can't use it to log in from point b? Considering how many people use the same password for almost every other service, how is this a good idea? JW..jw
    Uh wut? Authenticators never stopped people from getting your passwords..it stopped people from getting into your account.
  1. Tvrepairman's Avatar
    Yes, because there's absolutely NOTHING called an "I.P. proxy"...no siree bob this looks TOTALLY safe.
  1. Spl4sh3r's Avatar
    I have one question though, will it do the same on the Account Management site? Or does this change only apply to the Games and Community sites?
  1. frank2312's Avatar
    Quote Originally Posted by Puffman View Post
    They already do.
    Beat you to it :P
  1. mmocbe37fe1405's Avatar
    So wait, this still helps against trojan horses/keyloggers/etc? I guess they'd take your password, try to use it on their system, and come up with an authenticator request.
  1. Redasurc's Avatar
    What about people in your house that you dont want to be using your account. this is from a ICT security pov a disgrace and renders the whole 2 factor authentication worthless.
  1. Nekosom's Avatar
    Quote Originally Posted by Taiki420 View Post
    Terrible. Every time I have friends over for a Raid (they bring their laptops to my place since I have the best internet) we're going to have to deal with crap.Or (OMG ACCOUNT SHARING) when a friend gets stuck in sw and cant log back in during peak times, I usually log them in and run them out of the city.As for me, entering 6 numbers isn't a hassle, and takes 5-10 seconds at most. Lazy Lazy.
    Once again, it doesn't affect you whatsoever. You won't be doing anything different if that is what you and your friends do. This is not a difficult concept to grasp people, and you're making a lot more out of it than need be.
  1. Frumpy Frumpy Frak's Avatar
    What if the people I'm trying to keep out of my account have access to my computer? This option should be togglable.
  1. Irisel's Avatar
    Quote Originally Posted by pixel View Post
    Do not want.
    Why would you not?!

    DO WANT!
  1. Kujja's Avatar
    Quote Originally Posted by staal View Post
    What about people in your house that you dont want to be using your account. this is from a ICT security pov a disgrace and renders the whole 2 factor authentication worthless.
    Don't give those people your password, problem solved.
  1. mmoc2afce35955's Avatar
    they're really gonna risk switching around security when all these hacks are floating around? they might be really secure but who knows what flaw this could potentially cause in the system.
  1. nightcinder's Avatar
    this is an awful idea. i had the dial in authenticator for a while, which is supposed to work on the same concept of having to call in to get the code when you're logging in somewhere out of the ordinary and i got hacked

Site Navigation