Authenticator hackers best friend...

[Braeg]

/facepalm

first of all. never use the same password for stuff that's worth money and stuff that's random.

second of all. updated windows + using a browser that doesn't suck + noscript + decent antivirus == safe wow-account

Thanks for this, what would I do without the MMO-Champion forums!

[Vetis]

People seem to be missing the fact that, yes they can brute force your simple password but they also need your username/email address to even begin that.

you say you dont give it to random people..you didnt say you didnt give it to anyone. Have you logged in on someone else computer?

Their machines may not be as clean as yours. OK re-read after posting..since you admit sharing details, their PC was probably infected if yours wasnt.

you share details, tough.

[Spirion]

If they can Hax0r the GIBSON they can Hax0r ur accountz!!!

[DahLliA]

Thanks for this, what would I do without the MMO-Champion forums!

obviously someone needed this advice. or this kind of threads would be non-existant...

of course. no amount of advice can outweigh a lack of common sense...

[Divine_Comedy]

Nuh uh... If I had an 8 character password using upper,lower, and digits sending 500,000 tries per second and 500,000 computers it would only take 15 minutes so yeah Brute force attack actually happens.

ROFL.

damn because someones going to use 500,000 computers to hack one WoW account. damn you're pathetic. big time

[Simbert]

damn because someones going to use 500,000 computers to hack one WoW account. damn you're pathetic. big time

Congratulations, you are now officially immune to sarcasm.

[Deleted]

http://www.whatsmypass.com/the-top-5...ds-of-all-time
who needs brute forcing when people are stupid and to the one above me i know sarcasm is hard to read on the internet but the ROFL at the end of that post should have been a pretty sure give away

[Spirion]

Congratulations, you are now officially immune to sarcasm.

Thank you, I thought I made the sarcasm strong in that response... but obviously not strong enough for Divine_Comedy.

[Braeg]

obviously someone needed this advice. or this kind of threads would be non-existant...

of course. no amount of advice can outweigh a lack of common sense...

I appreciate your kind words DahLliA, it should all be fixed soon.

[Deleted]

Nuh uh... If I had an 8 character password using upper,lower, and digits sending 500,000 tries per second and 500,000 computers it would only take 15 minutes so yeah Brute force attack actually happens.

ROFL.

Mwah a bit misinformed, most bruteforce tools use dictionaries of common words instead of going letter by letter (you don't want to know how many people use passwords like "hello"), but even then i am pretty sure the login server has some kind of protection script to automatically block an account for 15 min or so after an x amount of invalid logins.

Then again i always tell people to get an authenticator, it only costs 7 euros, if someone can't shell out 7 euros for an authenticator they deserved to get cracked imho.

The authenticator uses a time-based digit generator with a unique hash, based on military encryption devices, if you have one your account is virtually unhackable.

The only other way to get a really solid security for your account is using a strict NAT router, several different antivirus applications and a webbrowser without flash and with a noscript plugin, if you think of that, just getting an authenticator is much easier

[Spirion]

Mwah a bit misinformed, most bruteforce tools use dictionaries of common words instead of going letter by letter (you don't want to know how many people use passwords like "hello"), but even then i am pretty sure the login server has some kind of protection script to automatically block an account for 15 min or so after an x amount of invalid logins.

Then again i always tell people to get an authenticator, it only costs 7 euros, if someone can't shell out 7 euros for an authenticator they deserved to get cracked imho.

The authenticator uses a time-based digit generator with a unique hash, based on military encryption devices, if you have one your account is virtually unhackable.

Thanks Watson.

[Nigeldruid]

I'm sorry to burst the bobble for some people, but not getting hacked doesn't mean you outsmarted anyone. My guess is that a lot of people tard out by clicking odd links etc, but that doens't mean that it's the only way of accessing someones personal information. Let me give you an example.

Do you use the same password for your WoW account and for a forum (ie guild forum)? Do you use the same email for your battle.net account and the before mentioned forum? Then your login data is stored in a database somewhere. This means that anyone with access to this database will be able to login to your account. Yes, most of these forums store the passwords encrypted to avoid this exactly, however these forums also contain the decrypt itself. Since most homepages use the same password for their database as for their FTP, anyone with access to one, has access to the other. Now a lot of these kind of forums uses PhpBB. An excellent open source forum, with only one weakness. It's been around for so long that anyone that's ever used it and has any sort of php experience knows it throughout. While they do try to secure this, it's just not possible for such flexible and easy-to-use software to make it 100% safe. Also most of these kinds of forums use a myPhpAdmin to handle the database. Again, they wanna make this as secured as they can, but it's not possible. This means that any seasoned hacker (and now we're actually talking about a hacker, not a keylogger) will be able to get your personal data within hours of trying. And not just yours, anyone using that forum, so yes it's worth the work.

TL;DR, Dont use the same password for WoW and other places, or get an authenticator.

[Deleted]

You do understand that there are programs out there that just brute force their way through the passwords right?

These programs can make tens of thousands password attempts in seconds.

Brute force? Are you actually being serious. There are millions of possible usernames, with literally billiions of possible passwords. Even blizzard would have protection in place for that sort of stuff happening.

Please, for the love of the wee man, think about what your saying. Because looking like a retard is never good.

[Deleted]

You need to cut back on the movies and t.v. Do you honestly think there are people out there making a concentrated effort to hack into individual accounts?

Like this?

http://www.youtube.com/watch?v=2efhrCxI4J0

[Acharai]

Common sense can keep hackers out for the most part, but the hacker will always be one step ahead of even the latest security software available.

I don't care how secure you think you are, if someone with the means wants access to your account, they will get it.

[Fojos]

Sure theres alot of cleaver and sneaky ways they can trick you to get your password and stuff.. but you still need to do something.

Yes, you need to do something. The only thing you need to do is connect your computer to the internet. Congratulations, you're now vulnerable.

[Cactrot]

Common sense can keep hackers out for the most part, but the hacker will always be one step ahead of even the latest security software available.

I don't care how secure you think you are, if someone with the means wants access to your account, they will get it.

"with the means" AND the desire. gold sellers, the most common "hackers", don't care that much about YOUR account. You aren't that special. If you take even basic steps to protect yourself, they will target someone else. Why try to break your security when some retard will respond to the spam mail with his account name, password, secret question and answer, mothers maiden name, social security number, family tree, and fingerprints?

It's like if you were going to mug someone and could mug a UFC fighter carrying a gun, knife, and wearing body armor, or a skinny dude wearing nothing but a suit of money. Not tough to decide which is worth the effort.

[Squirreludecker]

Not that I'm doubting the OP got hacked... but sometimes when I see people crying about their account getting hacked, especially after they say that they've taken extended periods of time away from wow, I wonder how many are actually keylogged and how many are people who sold (or bought) their account (or bought gold or power level service). Then after they tried to take it back (or had it taken back) for whatever reason and it won't work, start screaming about being hacked from fear of getting in trouble with blizzard, so they won't get the perma-ban and lose the account for doing something illegal anyway.

i actually did that with an EQ account. one of my friends gave me an account he wasnt using anymore, and i played on it for a few weeks until the "account owner" took it back. i gave him a simple option. he could give it back to me, or i would tell Sony that he sold the account to me and they would perma-lock it. since he refused, i got it perma-locked (it helped that they had an ip log from my system and his system)

[Diatribe]

OR what happened is that the OP sold his account and the person who bought it decided they'd make sure the OP didn't come back and ninja/steal the account from them (since they bought it) and assigned an authenticator to protect what they bought?