Battle.net Authenticator Changes

So.. I don't see a problem with this. Someone commented on it as "being lazy". First of all it may be but that never stopped you or 90 percent of people complaining about laziness from using a remote control to change the channel on t.v. Second isn't that the CORE of World of Warcraft is laziness I mean cmon what are you really doing but sitting on your ass waving a mouse around and pounding on keys on a keyboard.

To all "I have never been hacked, you are all morons" - you just got lucky. If you really think you are smarter than the hackers out there that know backdoors and tricks you never ever had a single clue that they even existed I have news for you: You are not. You just got lucky, that's all. All the "security software" out there can and has been hacked several times and they fixed it until the next hack. Companys like Microsoft got hacked, Sony got hacked, Joe Average with his level 30 WoW toon got hacked. If you think you are too smart to get hacked, think again.

I prefer my security the way it is and don't want to water it down, thank you very much.

Its not like everyone that bought an authenticator knew in advance that they ll have to type in some extra code in order to login. 4 secs is srs business. Anyway less time on silly things that dont neec changning more content plix .

Originally Posted by c4nb3rk

Lol moron it is 6 digit...Love ppl like you who actually have no idea and trying to blame others who knows XD seriously pls commit a suicide irl since you only consume the oygen further generation requires...

It is you sir who is the moron, because the mobile authenticators (iPhone, iPod etc) as a matter of fact are 8 digits (just checked this on my iPhone). Have a nice suicide, your contribution to the increased oxygen supply is appreciated.

Meh. You guys have nothing else to do but bitch about something you don't understand?

1. Getting your PC stealed: no matter that they steal it, even if with the authenticator, as they do not know your password! Well, unless you save it to a txt, but then you are mentally handicapped anyways.

2. Zomg they have access to my computer: a. they do not know your password (still) b. put a god damned windows password on it c. lock your room d. shoot anyone who touches your PC without your permission e. kensington lock.

3. It's not just by IP address, just because that's the only term you learned, no need to run your circles like a headless chicken on the forums.

4. Pretty sure their experts know what they are doing. Nuff said.

Bottom line: don't be an idiot and nothing changes.

Originally Posted by Kryos

To all "I have never been hacked, you are all morons" - you just got lucky. If you really think you are smarter than the hackers out there that know backdoors and tricks you never ever had a single clue that they even existed I have news for you: You are not. You just got lucky, that's all. All the "security software" out there can and has been hacked several times and they fixed it until the next hack. Companys like Microsoft got hacked, Sony got hacked, Joe Average with his level 30 WoW toon got hacked. If you think you are too smart to get hacked, think again.

Your post is lacking logic.
If we accept it as true then every second of your life your can be bombarded by enemies while sitting on your pc.
Someone needs a reason to attack you as a person.
Comparing Sony with a random WoW player is making logic sad and universe is imploding.
Attacks that target groups of users are based entirely on users awareness and hoping that user is dumb enough to fell for it there is no magic tricks every attack is waiting for a door to be opened by you.

Originally Posted by Kryos

I prefer my security the way it is and don't want to water it down, thank you very much.

It's not watering anything down you just lack the technical background to understand how wrong you are.
I don't know how to make you understand it but let's say that what are you claiming it's like saying
"I painted my house door white so now i have a higher chance of getting robbed" it makes no sense and that's how dumb your claims are.

Modem just DCd, it cycled a new IP address etc.

Client asked me for an authenticator code, working fine Chillax guys

I'm of two minds about this. While it definitely will make the whole disconnection issue less annoying, it also opens up some issues with shared internet connections and the like.

Personally I'd prefer some sort of "grace period" where for 10 minutes after you disconnect, your Authenticator is not required to connect from the same IP address as you previously connected from. This way getting booted isn't a problem, but if you share your computer, or log in from an internet cafe, it reduces the risk of account theft.

I hope it's an optional feature.

First..... you both are right, the mobile authenticator is indeed 8 digits. The keychain fob, however, is 6.

Originally Posted by Tala

It is you sir who is the moron, because the mobile authenticators (iPhone, iPod etc) as a matter of fact are 8 digits (just checked this on my iPhone). Have a nice suicide, your contribution to the increased oxygen supply is appreciated.

Second, back to the point of the post. Many of you seem to be under the false assumption that the authentication system is turning off the mobile authenticator all together. This is not the case. What is happening is this, the system is checking a number of things including; 1, where are you logging in from (ie, IP address and service provider), 2, is the computer that you're logging in FROM is the one that you normally do. If either (or both) of these conditions are failed, you are presented with an authenticator screen - if passed, then you will enter the world.

Thanks

Anubas

There is no other PC on the world atm that has the same X with you
X= Create_Key_Algorithm_based_on_globally_unique_data

Account keosen logged from X at 01/6/2011, 14:56:22 -Authenticator Window pop up-
Account keosen logged from X at 02/6/2011, 10:42:55 -Authenticator Window pop up-
Account keosen logged from X at 02/6/2011, 17:52:41 -Authenticator Window pop up-
Account keosen logged from X at 05/6/2011, 22:33:24 -Authenticator Window pop up-
Account keosen logged from X at 06/6/2011, 09:17:41 -Authenticator Window pop up-

Five consecutive log-ins from X, flag X as account-bound machine

Account keosen logs from X at 07/6/2011, 16:56:22 -No Authenticator Window pop up-
Account keosen logs from X at 07/6/2011, 18:44:15 -No Authenticator Window pop up-
Account keosen logs from X at 08/6/2011, 18:45:11 -No Authenticator Window pop up-
Account keosen logs from X at 08/6/2011, 22:33:37 -No Authenticator Window pop up-
Account keosen logs from X at 08/6/2011, 09:17:36 -No Authenticator Window pop up-

Account keosen logs from !=X at 10/6/2011, 11:14:36 -Authenticator Window pop up-
Reset X

There is no way to replicate X beside stealing the physical machine or the Create_Key_Algorithm_based_on_globally_unique_data algorithm

If you can't understand that then i'm just one more step closer from losing faith on humanity.

And for all those on a dynamic IP address (probably most private households) - you will probably need to enter the authenticator key at least once every 24 hours anyway.

Originally Posted by Doldoc

I do hope they just check for your MAC adress Problem solved for all the dislikers here.

Not solved at all. Mac is actually easiest thing to copy and change. Each network card has its own but its also simple as hell to change it. Just few click here and there.

I never found typing a 6 digit number hard, it actually became a natural reflex when logging in. So I don't really see much benefit from this.

It seems to me that this just opens an avenue of exploitation for hackers. But then I am going to assume that they have people at Blizz who know a lot more about security than me, so I'm just going to put my faith in them. Its not as if it can't be reverted if an exploit is found.

Originally Posted by Mudkiper

Hope this has an opt out option.

I strongly agree with this.

They should make it optional.

I appreciate you trying to convince them it will be alright but I fear it's in vain. All they see is "authenticator" and "not each login" and you lost them. :P

Honestly, I like this change. It means those with an authenticator can live without the pain of a disconnect at a bad time, delaying them anymore then it has to.

But, with this there are a few things people should know:

[1] Blizzard are not just starting to track your I.P. address, they've been doing it since the launch of World of Warcraft, so don't panic about them suddenly knowing where you live.

[2] This system will mean that you can log into any computer around the house, as internet I.P Addresses are connection based (Ie: Household, Workplace) instead of each individual computer. This means should you have a disgruntled member in the house hold who knows the password, they could get into the account from another computer.

Yeah I just got DC'd and when I logged in, I went to grab the authenticator but it went right past that screen. Worried me for a moment, quickly checked my inbox.

Overall I like this very much, it's incredibly tedious using that thing what with the memory errors and random dc's.

Originally Posted by poachingbear

This new change is not liked by me at all. What if somebody managed to take my laptop when i wasnt looking? Accounts could be hacked soo easily, waste of an authenticator. And to save time when youre dc'd in a raid? It takes two seconds to enter in a SIX digit number...

Sorry, but in order for something like that to happen you need to be utterly stupid! Steal your pc while not watching and go straight to WoW?! Rofl, get serious!