Battle.net Authenticator Changes(Cont. #13)

(Locked)

85 Draenei Shaman
3955
Battle.net Authenticator Changes (Cont. #12)

Original Post- http://us.battle.net/wow/en/forum/topic/2674529777
Continued #1 - http://us.battle.net/wow/en/forum/topic/2674529963
Continued #2 - http://us.battle.net/wow/en/forum/topic/2674980195
Continued #3 - http://us.battle.net/wow/en/forum/topic/2674530481
Continued #4 - http://us.battle.net/wow/en/forum/topic/2674990599
Continued #5 - http://us.battle.net/wow/en/forum/topic/2674990905
Continued #6 - http://us.battle.net/wow/en/forum/topic/2674531340
Continued #7 - http://us.battle.net/wow/en/forum/topic/2674981505
Continued #8 - http://us.battle.net/wow/en/forum/topic/2674991820
Continued #9 - http://us.battle.net/wow/en/forum/topic/2674642285
Continued #10- http://us.battle.net/wow/en/forum/topic/2711911224
Continued #11- http://us.battle.net/wow/en/forum/topic/2712012362
Continued #12- http://us.battle.net/wow/en/forum/topic/2721563580


If you use an authenticator – and we hope you do – you may soon notice that an authenticator prompt may not appear with every login. We’ve recently updated our authentication system to intelligently track your login locations, and if you’re logging in consistently from the same place, you may not be asked for an authenticator code. This change is being made to make the authenticator process less intrusive when we’re sure the person logging in to your account is you.

We hope to continue improving the authenticator system to ensure the same or greater security, while improving and adding features to make having one a more user friendly experience. If you don’t already have a Battle.net Authenticator attached to your account, don’t wait until it’s too late - http://us.battle.net/en/security/checklist
100 Undead Death Knight
3485
(response to post near end of prior thread)

07/01/2011 11:49 AMPosted by Abuurdek
If I had a room-mate that I didn't trust with something as meaningless as WoW (and let's face it, there are much more important things in a house/apartment/..., I'd be looking for somewhere else to live. If it's siblings, whatever, be a bit more secure in your security habits. Don't give them your passwords, e-mail address for the game, etc. Remember - you should not be sharing that information with anyone.


First off, not everyone has the luxury of choosing where to live, or who to live with.

In a college dormitory or military barracks, you are assigned a room-mate (or two, or five, or more).

For others, there may be economic reasons why they cannot choose who they live with. In some places, rent is so high that those making minimum wage must share apartments, even with (at first) complete strangers.

For yet others, there may be social reasons. Perhaps, for example, your dearly beloved wife's deadbeat brother lives with you - and to get rid of him, you'd have to lose your wife and kids too.


Second off, I've already shown, time after time, that a sibling or other person can get your password and account email without you giving it to them ... with a hardware keylogger. Fifty bucks, for the cheap ones. If you've got enough good stuff (or your guild bank does), they could make a profit even if they never used the keylogger again.
Edited by Brelyx on 7/1/2011 1:32 PM PDT
85 Worgen Mage
2895
response to post near the end of the previous thread:

07/01/2011 11:49 AMPosted by Abuurdek
Blizzard has already stated that any in-home violations of an account with an authenticator would result in either nothing being done, or a complete banning of the account. This means my authenticator is now more of a liability than a form of protection. No authenticator, I can at least get my stuff back. With an authenticator, I might get my whole damn account banned.


If I had a room-mate that I didn't trust with something as meaningless as WoW (and let's face it, there are much more important things in a house/apartment/..., I'd be looking for somewhere else to live. If it's siblings, whatever, be a bit more secure in your security habits. Don't give them your passwords, e-mail address for the game, etc. Remember - you should not be sharing that information with anyone.


Room-mates have friends, and I'm not freinds with all of my room-mates friends. Nor do I feel the need to check up on all of their credentials. I'm happy enough to have a room-mate that doesn't steal my stuff. I'm not going to be so intrusive as to interrogate him on all of his friends and girlfriends.

And most parents won't allow their kids to put a password on a shared computer's user profile as that would disable their ability to check up on what thier kid has been doing on the computer/internet. In fact, you'll be hard-pressed to find a parent that lets thier kid put a password on thier profile. Just last week I was in a random dungeon where the tank was played by a 13 year old; we found out when he asked "Who's McGruff?" in response to a number of our jokes. The kid was a great tank, better than many I've randomed with; I want him to keep playing WoW.

When I was a kid, my older sister used to go into my room and break my G.I. Joes whever she was mad at me. This behaviour is extremely common and still persists today. However, nowadays, kids don't have G.I. Joes, they have video games with save files and user accounts. The family that plays together stays together, and angry little Suzy is just as aware of how treasured little Johnny's character is to him as my sister was of my love for Sgt. Slaughter and his Marauders. If that 13 year old tank's sibling decides to pull shenanigans on his character, his account would get banned. And I'd be stuck with another tank that thinks continually running in circles is the best way to hold aggro.

You can't always decide who you live with. In fact, you very rarely can.

Regardless, that wasn't what I was trying to use as an example. If a hacker were to access my account, it would require him to fool the system into thinking it was from my computer no matter where he was actually doing it from. Blizzard would just see this as being done from my system, even though the only people who sit at my desk are me and an overly intrusive cat. This works more against me than it would the hacker. I'd rather get my uncontested account restore and have a semi-good meal in the process.
90 Human Death Knight
8780
I said this:Dear Battle.net,

I would like to make a request involving World of Warcraft's authentication dilemma. I & many other players would like to have an Opt- Out function for no need of using an authenticator when logging onto the game on the same computer. And with that I have many reasons to back up my opinion. Plus i would prefer a reply, many players have added to a long (continued 11 or 12 times so far) post and none have received even a small reply.

Reasons
1. If this remembers your IP address, hackers could easily infiltrate your system and potentially destroy your account and all of your hard work with it.
2. The main reason why I received my authenticator was to keep those not allowed on my account off it, and now my account is vulnerable to unauthorized access like vengeful family members, friends, and ect.
3. I prefer taking the extra 5 seconds typing in my 8-number authentication code when logging in so I know my account is safe.
4. This also seems to not have good security and that it wasn't thought through long enough, when i logged on the day this began, I was in shock, believing i was hacked and my authenticator was gone due to the no announcement about this before it even happened.

Thank you for your patience in reading this. And please add an opt-out button to this. That is all I ask.

Afterwards a Technical support person said

Thank you for contacting us concerning the recent game updates. Unfortunately, Technical Support cannot assist with these types of questions. That does not mean we do not want your feedback concerning our patches.

Every day we are working to improve the overall World of Warcraft experience. The changes in this patch represent the best efforts of our developers to create a fun environment that is balanced and fair for everyone. This includes a number of game play, bug and crash issues along with class and race changes to balance out the game. We understand that, over the course of developing a game as complex as World of Warcraft, a significant amount of time will be necessary to provide adequate fine tuning. The changes and fixes that were made were done to improve the overall experience for every player. We are constantly refining the game mechanics as we receive feedback from our players. For this reason the game is constantly changing, and what is in place now, may not be in the future.

Blizzard is lucky to have fans who take the time to contribute new game ideas and suggestions for improving our products. While we value the feedback and perspective our customers offer, we are legally restricted from accepting such propositions via email or in-game petition. We highly encourage you to log on to our Forums. For World of Warcraft you can go to (http://us.battle.net/wow/en/forum/) and post your thoughts there. Please select the forum which is most closely associated with your suggestions and/or feedback as this provides a valuable opportunity for Blizzard staff members to collect feedback from those who know our games best. While we cannot guarantee you will receive a response, we can assure you that the Forums are regularly read, and the suggestions posted there do make an impact on our game designs.

Kind of dissapointing, i hoped this would resolve the problem :(
85 Human Mage
970
I really don't want to QQ about the recent security changes, because there are 13 locked threads equating to about 19000 some odd posts doing so already. What I really want, is someone to explain the why to me. I don't get it. Maybe I'm a little slow. Yes, the truth is, I had my account locked today because my ISP didn't match the "pattern". So I changed my password and all that jazz, and everything is all good. This is really going to be a pain in the ass going forward, because I travel. There is no "pattern" to my travel. Maybe if I understand the reasoning, or logic, I won't mind having to go and change my password every time you're going to make me do so.

1. We spend thousands of hours leveling and raiding, but 6 seconds is too long to enter an 8 digit number when we log in? Really?

2. You're tracking ISP's so that people don't always have to enter their authenticator code. That's kind of like me going to an ATM and not having to enter my PIN, because it's the ATM I always go to. Really?

3. The so called "dial in authenticator"....which I may be mistaken, but I believe I saw blue posts stating isn't as secure and isn't meant to be a replacement for the mobile authenticator, but you can't have both. Really?

4. If I log in from the same ISP, I don't need to spend 6 seconds typing in an authenticator code, but you'll know it's me. Really?

5. If I log in from a different location, AND ENTER MY AUTHENTICATOR CODE, you'll lock my account because you don't believe it's me. Really?

6. If the ISP doesn't fit the pattern I can't log in to the game if I enter my password and authenticator code, but, that's the info you ask for to get into account management, and it doesn't matter what my ISP is. Really?
85 Blood Elf Warlock
1120
You know, I appreciate this person posting this, what supposedly came from a GM...

But unless it's a blue post, it's not an official response.

I don't mean any disrespect to the person who posted that, in fact, thank you.

But GM's have been caught on many occaisions with their foot in their mouth, saying something that they either could not back up, or that simply was not true at all.

So for me, this is not good enough.

Afterwards a Technical support person said

Thank you for contacting us concerning the recent game updates. Unfortunately, Technical Support cannot assist with these types of questions. That does not mean we do not want your feedback concerning our patches.


This is pure gold right here... Technical Support cannot help you... So we're going to throw your entire 6500 post thread into the Technical Support forum where we admittedly can't help you... And then, just to top it all off, when you post in an area where someone could potentially help you, we're going to lock / delete your post immediately and tell you to come here to the Technical Support forum....

Where you will get no help for this issue at all...

And while we would love to have your feedback, we have removed all the feedback forums as well, so we're just going to tell you that the thread in Technical Support is a "Feedback" thread, but we all know that's a bunch of malarky... The feedback forums are gone!

Good luck voicing your opinion! We've removed all your avenues of complaining!
Edited by Vudusinge on 7/1/2011 3:15 PM PDT
85 Human Mage
970
Ooooh....my bad. I should know better than to question, because I was born with a defect that causes my wires to get crossed and short out, and things don't make sense. Now that I've banged my head against the wall a couple hundred times and knocked the wiring around, I see the light......Play at home, on one computer, with a static IP address. It's really no problem at all....Baaaaaaa
Edited by Darkbeond on 7/1/2011 3:44 PM PDT
85 Tauren Death Knight
4895
I am curious when Blizzard is going to fix their mess up with this. They took the security they promised with the Authenticator. Now it is only secure the first time you log on in a certain amount of days. Not every time. It has been 15 days since they screwed it up and still not fixed. Sad! =( Where is the customer support? Where is the security they promised us with the Authenticator? I think I will be contacting the Better Business Bureau.
Edited by Zeeus on 7/1/2011 4:31 PM PDT
90 Human Death Knight
8780
07/01/2011 04:30 PMPosted by Zeeus
I think I will be contacting the Better Business Bureau.


good idea, maybe that will change blizz's mind about this..... if they are even looking at this post, which i doubt
12 Tauren Shaman
0
Posted by Zeeus
I think I will be contacting the Better Business Bureau.


good idea, maybe that will change blizz's mind about this..... if they are even looking at this post, which i doubt


Too bad the BBB got caught selling good ratings.
100 Blood Elf Hunter
17725
Here are just a few problems cause by this change:

1. Several players have tested this system, and it appears that in many cases that Computers/locations/Ips that they have logged in the recent past(Weeks even Months ago) have been saved as “Trusted.”

It is one thing to announce: From this day forward any Computer/location/IP you ever log in from, using your authenticator, will be saved as safe and you will never have to use your authenticator from it or there again. It is another thing for it to be retroactively be applied to any computer/IP you accessed, your account from before the announcement. Just how back does the Approved access sites go? One week, two weeks 6 months?

Being told after the fact that you shouldn't have accessed your account from a shared computer or an internet cafe, 2 months ago is not at all helpful. Where as being told from this date forward you shouldn't access your account from one, is helpful. Although Blizzard may lose a lot of their 3rd world customer base, as well as a lot of collage students and military personnel.

It should be only combination of the last Computer and Location/IP be saved as "Trusted". That way you do not need to worried about any other computer that you no longer have control of, nor do player who have lap tops, have to worry about their WoW account if their computer is stolen.

Ideally Blizzard should allow players to chose which computer and location is "Trusted", and if the player doesn't have a trusted computer and/or location, they should be allowed to op out.

2. Many players are not in ideal living situations. They have to share computers, use public or simi-public computers. They have untrustworthy roommates, bunk-mates, and/or household members. These are people who are collage students, military personnel, still live with mischievous siblings, or spiteful wives/girlfriends. Some are players whom for some reason or the other currently don’t own their own computer and must play an internet cafe. Many of these players were actively sold the Authenticators, by blizzard personnel. As insurance in case someone is able to get a hold of their log in information, regardless it a gold farmer in China or a household member. These players did the responsible thing, by adding one for the added layer of security.

These players need some other way to help secure their accounts. It doesn't matter how secure your password is, if someone knows you well enough they can guess SQ&A to not only your Wow account, but to your email account as well.

I have seen many a QQ thread in the CSF where someone's brother were able to find out their log in information, and wrecked havoc to their account, and Blizzard refused to restore anything because there was no sign of a compromise. They were told by Blizzard personnel to get an authenticator to ensure it doesn't happen again. Now thanks to this it can.

3. In relation to 2 above: This change weakens the protection that Guild banks with Authenticator required ranks with Bank access. If someone is able to gain access to a guild officers computer and account information, can strip the guild bank as well as his individual account.

Because the compromise is from his computer, it is doubtful that Blizzard will restore the Guild Bank. Or if they do a restoration, it would on the bases of a Guild Bank Theft. In which case the guild member in question could get his account suspended, or even banned.

Also if he is one of the guilds key members(like only raid ready tank) the GL might be very reluctant to report it. As the player may get suspend and or gear stripped, leaving him and the guild unable to raid. In ether case the guild will most likely have to eat the loss. guild leaders need a tool to let them know if a player has op in or out of this. While the player may have a trusted computer/location the guild leader shouldn't have to trust it too.
85 Draenei Shaman
3280
Getting buried just like they want it to do. They are saving money with this change. Not upgrading security. Those of you that think its an upgrade I suggest you go talk to a security expert. Which by they way is not someone that works for blizzard.

This 2 weeks and not a word on anything just goes to show they really dont care. And have basically told us to go to hell.
40 Gnome Mage
470
You know, I appreciate this person posting this, what supposedly came from a GM...

But unless it's a blue post, it's not an official response.

I don't mean any disrespect to the person who posted that, in fact, thank you.

But GM's have been caught on many occaisions with their foot in their mouth, saying something that they either could not back up, or that simply was not true at all.

So for me, this is not good enough.

Afterwards a Technical support person said

Thank you for contacting us concerning the recent game updates. Unfortunately, Technical Support cannot assist with these types of questions. That does not mean we do not want your feedback concerning our patches.


This is pure gold right here... Technical Support cannot help you... So we're going to throw your entire 6500 post thread into the Technical Support forum where we admittedly can't help you... And then, just to top it all off, when you post in an area where someone could potentially help you, we're going to lock / delete your post immediately and tell you to come here to the Technical Support forum....

Where you will get no help for this issue at all...

And while we would love to have your feedback, we have removed all the feedback forums as well, so we're just going to tell you that the thread in Technical Support is a "Feedback" thread, but we all know that's a bunch of malarky... The feedback forums are gone!

Good luck voicing your opinion! We've removed all your avenues of complaining!


Srry.. thats not "blue" so its not good enough.. haha.. No disrespect taken .. just havign a little fun..
Ok.. now thats out of the way... your welcome :D..
The information I posted was from the battle.net ticket system.. not and in game GM per say. I chose to do the copy/ paste thing over the "post a link to an image thing" because it was the fastest way for me to share the information imo. One final note to those that may doubt the authenticity of the information I posted: I rarely post on these forums, BUT I do know that posting what I have on this topic, and stating that it is in fact from Blizzard word for word when it isn't, is grounds for a perma ban... These forums are "monitored", "policed", "censured" or what every people want to call it on a regular basis. If what i posted was false.. it would have been deleted and i would not be posting right now :) have a good night folks :)
85 Blood Elf Warlock
1120
07/01/2011 08:45 PMPosted by Throwme
One final note to those that may doubt the authenticity of the information I posted: I rarely post on these forums, BUT I do know that posting what I have on this topic, and stating that it is in fact from Blizzard word for word when it isn't, is grounds for a perma ban... These forums are "monitored", "policed", "censured" or what every people want to call it on a regular basis. If what i posted was false.. it would have been deleted and i would not be posting right now :) have a good night folks :)


Oh, I don't know that I would worry about that... Blizzard has ignored everything else in these threads, why pay attention to someone breaking the rules? :) Selective monitoring at this point would seem pretty silly...
100 Night Elf Hunter
11780
07/01/2011 10:34 PMPosted by Vudusinge
One final note to those that may doubt the authenticity of the information I posted: I rarely post on these forums, BUT I do know that posting what I have on this topic, and stating that it is in fact from Blizzard word for word when it isn't, is grounds for a perma ban... These forums are "monitored", "policed", "censured" or what every people want to call it on a regular basis. If what i posted was false.. it would have been deleted and i would not be posting right now :) have a good night folks :)


Oh, I don't know that I would worry about that... Blizzard has ignored everything else in these threads, why pay attention to someone breaking the rules? :) Selective monitoring at this point would seem pretty silly...


Very true. Although I would not be shocked to see them ignore the thread except if they dislike something that was said in it.
This topic is locked.

Please report any Code of Conduct violations, including:

Threats of violence. We take these seriously and will alert the proper authorities.

Posts containing personal information about other players. This includes physical addresses, e-mail addresses, phone numbers, and inappropriate photos and/or videos.

Harassing or discriminatory language. This will not be tolerated.

Forums Code of Conduct

Report Post # written by

Reason
Explain (256 characters max)

Reported!

[Close]