Battle.net Authenticator Changes

Originally Posted by resare

This is a very, very bad change

You are a very, very big idiot.

---------- Post added 2011-06-17 at 08:39 AM ----------

Originally Posted by -Zait-

I don't really know enough to make a decent opinion...but it seems rather...risky?

Steam has been using a similar system for years and years and it is safe as fuck. Stop being so god damn paranoid.

---------- Post added 2011-06-17 at 08:40 AM ----------

Originally Posted by dvstec

wow Blaze got his rage on!!

Still don't like the change, I want to use my authenticator EVERY time.

Also if Blizz finds an increase in compromised accounts im sure they will tweak/change or revert so not worried.

1. You're a paranoid little bitch.

2. They won't. (look at Steam)

Originally Posted by Aired

Don't like it. I would like to be able to turn this feature off, could be risky if you use a tunnel service.

How exactly? Just means youll have to enter in your code every time, wont change a thing for those using tunnel services.

Originally Posted by Buzzinjoe

You are a very, very big idiot.

---------- Post added 2011-06-17 at 08:39 AM ----------



Steam has been using a similar system for years and years and it is safe as fuck. Stop being so god damn paranoid.

---------- Post added 2011-06-17 at 08:40 AM ----------



1. You're a paranoid little bitch.

2. They won't. (look at Steam)

lol Blaze has a evil bitter brother I see.

Dude, I said I'm not worried, how is that being paranoid, I just like using my authenticator, is that so wrong?

To me it defeats the purpose of the Authenticator.

At first the authenticator is a pain to use and I cursed every time I logged in, but after a few weeks it became second nature and I don't have a second thought about it when I log in ... even when I get disconnected and need to reconnect quickly.

Personally I think they should improve security for those without authenticators, like offering a screen keyboard option to let people click their password instead of typing it in to defeat keyloggers. I guess you could do the same with the authenticator code, but it would be less of a benefit there.

This is a very risky move. If i already have your login/password through a trojan it means i already infected your computer. From there on i can easily probe your computer and route my connection through yours, and then it would appear that it is *you* connecting and not me. Hence the authenticator would be useless as it wouldn't even ask *you* for the pin. Bad, bad... Let's kick it up a notch, since they're doing this for money it means they most likely have the tools. I'd launch WoW from your computer when you're not even playing. Even if you detected it, it would be no different from you trying to log in while they are shifting your gold elsewhere. I remember the good old days of netbus. Was that not fun.

Originally Posted by huldu

This is a very risky move. If i already have your login/password through a trojan it means i already infected your computer. From there on i can easily probe your computer and route my connection through yours, and then it would appear that it is *you* connecting and not me. Hence the authenticator would be useless as it wouldn't even ask *you* for the pin. Bad, bad...

Blizzards Warden program would have an anti remote connection feature in it somewhere.

A similar thing can be done with the current system anyway, the trojan logs your keypresses and transmits it back to the hacker (so they have your password and current authenticator code), the trojan disconnects your connection before the code can be transmitted (the codes are single use so this stops it being wasted), the hacker then quickly enters in your info as well as the current code.

If anything this type of hack will be hampered by the new system, because they wont be able to get your authenticator code 9/10 log ins and thus cant access your account

Originally Posted by poachingbear

This new change is not liked by me at all. What if somebody managed to take my laptop when i wasnt looking? Accounts could be hacked soo easily, waste of an authenticator. And to save time when youre dc'd in a raid? It takes two seconds to enter in a SIX digit number...

If they took your laptop, and sign in with a different internet provider, it changes the IP, the IP is given off by YOUR MODEM ONLY. It changes when applied to a different ISP/Modem.

Dont use it :P

hmm, in on the fence on this one, I would like the convenience, but it does seem a bit of a risk. (: Only can wait and see tho

Its amazing how many stupid people are out there. If you log onto your home computer over and over you don't have to put in a code, but say you log into your acct on the PC next to you, you will have to put your code in. It goes off of IP AND MAC address of your pc, (I JUST TESTED IT IF YOU DON'T BELIEVE ME). Also if you sit there and log in to your wow acct on two different sources all the time pretend this post didn't exist IT DON'T AFFECT YOU!!!!!!!!! Go back to school children please!

This is really stupid, people are gonna come up with hacks that shows that they're at your house when logging in.. Atleast give this an option to turn on or off.. -.-

Originally Posted by Menolikeu

Its amazing how many stupid people are out there. If you log onto your home computer over and over you don't have to put in a code, but say you log into your acct on the PC next to you, you will have to put your code in. It goes off of IP AND MAC address of your pc, (I JUST TESTED IT IF YOU DON'T BELIEVE ME). Also if you sit there and log in to your wow acct on two different sources all the time pretend this post didn't exist IT DON'T AFFECT YOU!!!!!!!!! Go back to school children please!

IP AND MAC address?

it does both?

Well that's nice :/. I log in occasionally from the UK when I'm at my boyfriends place and he logs in at my place in the Netherlands as well. If this doesn't work well we're going to get banned because we might be considered hackers -.-. Entering the authenticator numbers is only 3 seconds, big deal to do that, sheesh.

in case no one posted this yet

https://twitter.com/#!/BlizzardCS/st...93177147727872

ofc they will not reveal on what is the fingerprint based on, but I assume the client sends more information to blizzard login server than an IP address. It's all speculations you people come up with, calm down and enjoy not having to put in the 6digits everytime you login or when you get dc'd.... actually you want to login as faster as you can back into dungeon after you got dc'd.

To save 5-6 seconds of login? i got the keychain autch no issue's realy logging in fast enought >.>

Originally Posted by Katellia

Well that's nice :/. I log in occasionally from the UK when I'm at my boyfriends place and he logs in at my place in the Netherlands as well. If this doesn't work well we're going to get banned because we might be considered hackers -.-. Entering the authenticator numbers is only 3 seconds, big deal to do that, sheesh.

That has absolutely nothing to do with the Authenticator system. Where did you get that idea?

Blizzard have always monitored account log in areas and they get locked if theres any anomalies in log in patterns (I.e random log ins from the middle of Africa when you live in the US).

You have an equal chance now of getting your account locked as you did last week, the change to the authentication system wont change that.. Stress Less.

Originally Posted by Michalev

I think it is funny that a few people have already complained about a SIX digit number, apparently they have never used an authenticator, because, in fact, it is an EIGHT digit number

Lol moron it is 6 digit...Love ppl like you who actually have no idea and trying to blame others who knows XD seriously pls commit a suicide irl since you only consume the oygen further generation requires...

Originally Posted by c4nb3rk

Lol moron it is 6 digit...Love ppl like you who actually have no idea and trying to blame others who knows XD seriously pls commit a suicide irl since you only consume the oygen further generation requires...

LOL

SIX on keychain

EIGHT on Mobile app

Might want to re-think your suicide advice

This topic cracks me up "Waaaah I play in different locations and this means I have to enter my authenticator every time I log in" Yes, exactly like now, stop whining.

They should log in your profile every login and login attempt so you can track easily if someone is trying to scam you