Community Manager
|
If you use an authenticator – and we hope you do – you may soon notice that an authenticator prompt may not appear with every login. We’ve recently updated our authentication system to intelligently track your login locations, and if you’re logging in consistently from the same place, you may not be asked for an authenticator code. This change is being made to make the authenticator process less intrusive when we’re sure the person logging in to your account is you. We hope to continue improving the authenticator system to ensure the same or greater security, while improving and adding features to make having one a more user friendly experience. If you don’t already have a Battle.net Authenticator attached to your account, don’t wait until it’s too late - http://us.battle.net/en/security/checklist |
#1
6/16/2011
|
|
I don't like this
|
|
Edited by Kodiack on 6/16/11 4:13 PM (PDT)
I shall use the third post slot to my advantage!
First off, this will not negatively affect your account's security from outside sources. http://twitter.com/#!/BlizzardCS/statuses/81485048242651136 Blizzard's security developers are far more intelligent than they're often given credit for. With dozens upon dozens of company databases compromised within the last few weeks, Blizzard's bound to be doing everything they can to ensure their system is locked down as tightly as possible. Now would be one of the absolute worst of times for Blizzard to even think about using laxer security methods. http://twitter.com/#!/BlizzardCS/statuses/81493177147727872 You will not be able to be compromised through IP spoofing or the like. Such an elaborate system is going to be well-designed and use information beyond just location. While we won't know exactly what data is collected, it isn't data that would be easily duplicated (e.g. hardware IDs). Additionally, please note that there was a so-called "man-in-the-middle" compromise that would snatch an authenticator code after it was entered and then crash WoW's executable, submitting the valid code to someone hoping to break into your account. While this method will still function, it will be defunct on systems that are already affected by this change. No authenticator code to enter means no authenticator code to steal. ________________________________________________ The wise speak only of what they know. - J.R.R. Tolkien CORE I7 3.8GHz | 12GB RAM | ATI 5970+5870 | F120 SSD Live Support: irc://chat.freenode.net/wowtech |
|
Edited by Vzory on 6/16/11 2:33 PM (PDT)
Just saw this on breaking news, thankfully it asked for my authenticator numbers when I logged on, I hope it always does, same location or not. The reason I bought the authenticator was an attempt to prevent my account from being hacked, now it's not going to ask for it? Why even have one if that is the case? I personally don't like this update and would prefer the intrusion, and having to input it everytime.
Out of curiosity, will it be possible to opt out of that? While I'm sure the developers will roll out software that is indeed quite "intelligent" and does the job well, I would like to have the option to always use my authenticator regardless of where I'm logging in from. ^^ This! |
I agree with this. I'd like to have the option to always use my authenticator. |
|
Edited by Kinvann on 6/16/11 2:38 PM (PDT)
This is a catastrophically bad idea. If thieves have tricked someone into downloading a keylogger to get the login info, they can just as easily immediately fake a login to bnet2.0 from the victim's machine.
Edit -- I said they would use a keylogger to get the authcode, when obviously they don't need that any more, just the login. Also, /facepalm |
|
Edited by Pozadin on 6/16/11 2:33 PM (PDT)
|
If you use an authenticator – and we hope you do – you may soon notice that an authenticator prompt may not appear with every login. We’ve recently updated our authentication system to intelligently track your login locations, and if you’re logging in consistently from the same place, you may not be asked for an authenticator code. This change is being made to make the authenticator process less intrusive when we’re sure the person logging in to your account is you. Is there anyway to make it so that it will ask everytime? |
|
My concern is that the dial-up authenticator already does this... and is much less secure because of it.
I fail to see how someone that gets a program on my computer to keylog me can't also grab my IP and spoof it? Is there something I'm not getting here? |
|
Someone needs a nap.If you use an authenticator – and we hope you do – you may soon notice that an authenticator prompt may not appear with every login. We’ve recently updated our authentication system to intelligently track your login locations, and if you’re logging in consistently from the same place, you may not be asked for an authenticator code. This change is being made to make the authenticator process less intrusive when we’re sure the person logging in to your account is you. |
|
Yay!
|
Your really not supposed to be able to do that from what I hear, if they want to play they need their own account. |
