Battle.net Authenticator Changes

Originally Posted by huldu

This is a very risky move. If i already have your login/password through a trojan it means i already infected your computer. From there on i can easily probe your computer and route my connection through yours, and then it would appear that it is *you* connecting and not me. Hence the authenticator would be useless as it wouldn't even ask *you* for the pin. Bad, bad... Let's kick it up a notch, since they're doing this for money it means they most likely have the tools. I'd launch WoW from your computer when you're not even playing. Even if you detected it, it would be no different from you trying to log in while they are shifting your gold elsewhere. I remember the good old days of netbus. Was that not fun.

Really? When people manage to do all that you really think the first thing they're gonna do is login on an account from some random game? You really overvalue your wow account lol.

Originally Posted by Blackspur

2) Proxy IP server. Do you really think a multi-billion dollar company would solely base your location off of your IP, seriously?

After what we saw in the past - sure, I don't trust any security in the gaming industrie. Security costs money and because you don't see it, it's one of the first things they try to minimize to economize.

---------- Post added 2011-06-17 at 08:37 AM ----------

Originally Posted by Cruesli

Really? When people manage to do all that you really think the first thing they're gonna do is login on an account from some random game? You really overvalue your wow account lol.

In my guild alone 6 people have been hacked in the past - it's very common to get your account hacked if you don't use the authenticator. That's why I really don't want this new feature enabled. I prefer to type in my code every time just to be sure.

Originally Posted by Blaze

MASSIVE load of degenerates posting comments.
Please, if you have no idea what you're talking about, do not post.
Mega reponsepost incoming.


Are you stupid?
THEY WOULD STILL NEED TO INPUT YOUR PASSWORD, unless you are an absolute fool and keep all your passwords (including your World of Warcraft one) in a text file on your desktop under the name "ALL MY PASSWORDS.txt".
If your laptop gets taken from you, whilst you are sitting there, logged in to your account and then you get hacked because of it, well sir, you deserve to be hacked.


Idiot. Don't try and pretend to be smart.


"w/e its blizzards choice" - Don't make ignorant remarks.
Nothing has changed for you.


This makes no sense at all?
Nothing has changed, you will still be inputting Authenticator codes if you do not log into said account numerous times from one location? Which you clearly don't as they are your friends, who play at home usually, right?






You are all morons.


You really think "LulzSec/Anonymous" are the only groups of hackers around? Think again.
You really think this has only been happening "lately" ? Think again.
There are bigger and worse organisations, but I would think these groups have bigger targets to deal with than hacking into YOUR World of Warcraft account and stealing all your gold coins. Which anyhow, if said event does take place, you can easily ticket a GM and have everything stolen back within an hour.

- Simple responses for simple individuals.


Well said Sir, it's good to see some have brains in this community.
+ praise to numerous others as well but this post is already long enough.


I myself have gamed online for plentiful years and never been hacked once. Want to know why I haven't, and numerous other people like me also haven't?
I do not click retard links that claim I've won a prize on websites.
I do not click retard links that direct me to a FREE WOW GOLD WEBSITE.
I do not click links to obvious phishing websites (and when I say obvious, YES THEY ARE FUCKING OBVIOUS - LOOK AT THE URLS)
I do not follow links in stupid spam emails.
I do not download retard programs that claim will double my money and create me epic swords.
And above all, I am not a fucking idiot.
At the end of the day if you get hacked, it's your own fault 99.99% of the time, simple as that.

This is not an "EXTREMELY RISKY MOVE" on Blizzard's part.

I'm glad I don't play this game with ridiculous human beings such as yourselves anymore.
Good day.

+1 for you sir

Originally Posted by poachingbear

This new change is not liked by me at all. What if somebody managed to take my laptop when i wasnt looking? Accounts could be hacked soo easily, waste of an authenticator. And to save time when youre dc'd in a raid? It takes two seconds to enter in a SIX digit number...

If someone takes your laptop then they will still likely be asked for your auth key as your laptop does not have its very own IP address. IP address comes from the physical location not the object used to login at that location.

i just see the change beeing rewerted after 2-3days of getting tons of "omg i just got hacked"... i guess they dont really know how much information you can stole and use it to "lie" the auth server... gg

DO. NOT. FUCKING. WANT. THAT.

Are they stupid, seriously? It takes 6-10 secs to type it inn, now they just make authenticator useless to me. Im not internet-e-hero-security dude, but anyone knows thats bloody stupid.

Originally Posted by L05_PL

i just see the change beeing rewerted after 2-3days of getting tons of "omg i just got hacked"... i guess they dont really know how much information you can stole and use it to "lie" the auth server... gg

Clueless poster is clueless.
A combination of data from a PC can make it unique in the entire world adding encryption algorithms to it can make it even stronger.
But trying to explain things like this to you would be a waste of time i better explain it to a cow.

The new system is perfectly safe and it's a very nice and intelligent move to get rid of the authenticator input while keeping the same level of security.

personally i think its a great change, it doesn't change a thing really. unless someone broke into my house and was a wow addict and sat at my computer to play, but hed still need a pssword lol. so tbh all this hate posts have no clue how it truely works and/or don't own a authenticator already.

I love the change. I stopped using authenticator for months cos was too lazy to type the code every time, now its win.

Originally Posted by Nightelfsb

DO. NOT. FUCKING. WANT. THAT.

Are they stupid, seriously? It takes 6-10 secs to type it inn, now they just make authenticator useless to me. Im not internet-e-hero-security dude, but anyone knows thats bloody stupid.

It dont make it useless to you at all, if you log on from a different location, i.e round your mates. itll ask for the code. subsequently, if your account is being accessed from a totally wierd location it'll ask for the code, so your account is still secured by the authenticator unless thefts like using your comp to play wow while their stealing your belongings

Ive worked several years with network security for companies. Honestly i really dont see a problem with this...seems everything is covered. Im all for it!

Well to all that worrying about security but don't have the technical background to understand how it works.

There are countless ways of creating a UUID (universally unique identifier) for a PC there is no way for someone to fake this ID unless the encryption algorithms or whatever Blizzard is using to create this ID get stolen or something or if someone broke into your house and log in from your pc.

A simple example (not entirely accurate though) will be creating an ID by reading the serial numbers of various hardware parts hashing with a unique key like the mac address of your router and voila you got your own unique key than cannot be copied unless you know how it was created in first place.

The ID is unique by all means, it's like your retinal signature, it's perfectly safe and you can safely stop whining and embarrassing yourself.

When they introduced the dial-in authenticator, I switched to it, and got hacked almost immediately. Didn't pick it up at all.

I'm concerned.

I do hope they just check for your MAC adress Problem solved for all the dislikers here.

Originally Posted by Keosen

Well to all that worrying about security but don't have the technical background to understand how it works.

There are countless ways of creating a UUID (universally unique identifier) for a PC there is no way for someone to fake this ID unless the encryption algorithms or whatever Blizzard is using to create this ID get stolen or something or if someone broke into your house and log in from your pc.

A simple example will be creating an ID by reading the serial numbers of various hardware parts hashing with a unique key like the mac address of your router and voila you got your own unique key than cannot be copied unless you know how it was created in first place.

The ID is unique by all means, it's like your retinal signature, it's perfectly safe and you can safely stop whining and embarrassing yourself.

This.

And if someone really stoles your computer, he needs your password. If you're stupid enough to save your password to notepad, then it's your own fault.

Such silly ideas, why would you need authenticator in the first place? Can't you be careful? Maybe get a second hand PC to watch all the porn and virus contained sites. Jesus chirst monkey balls, how hard can it be? I never got hacked, and i had no authenticator at all. Keep you PC clean and you have nothing to worry about (and not to log in to phishing sites). You should not need it if you watch for phishing sites and virus infected porns.

This is stupid. Just plain stupid. I'd rather spend the 4 seconds it takes to login with the authenticator..

Why do they post reassurance on Twitter and not in the post they made about the change? Seems highly illogical to me.

the total lunacy of some of the posts is astounding here ..it,ll ask you for your code but will stop asking you if you log in at the same ip address not your computor address aka if you log in 6 times from your home desktop it will stop asking you but it,ll still be running .

Too the people saying but what happens if they steal my laptop etc ok simple answer is they take it somewhere else and connect it to a NEW ip address you silly poeple it,ll then ask for teh authenticator code.now unless they managed to steal your authenticator as well they aint getting in .

Blizzard have implemented this for peoples convineance just because it doesnt ask you for the code from the ip you log in every single day doesnt mean it isnt working or still protected.

So unless someone steals your laptop manages to connect to your internet hub within 100 meters or whatever the range is without you seeing them you have shit all to worry aobut .so stop worrying if you dont like it remove the authenticator from the account see what happens and find something more worthwhile to actually worry about .

I think this is a nice change, makes things a lot nicer. But then again, there's no one at my home who would want to hack my account, unlike the vast majority of people it seems...