Battle.net Authenticator Changes

Technical Support
1 2 3 26 Next

If you use an authenticator – and we hope you do – you may soon notice that an authenticator prompt may not appear with every login. We’ve recently updated our authentication system to intelligently track your login locations, and if you’re logging in consistently from the same place, you may not be asked for an authenticator code. This change is being made to make the authenticator process less intrusive when we’re sure the person logging in to your account is you.

We hope to continue improving the authenticator system to ensure the same or greater security, while improving and adding features to make having one a more user friendly experience. If you don’t already have a Battle.net Authenticator attached to your account, don’t wait until it’s too late - http://us.battle.net/en/security/checklist
Thank you so much! This is one of the best changes I have seen in a long time.
Highly Rated
I don't like this
Highly Rated
I shall use the third post slot to my advantage!

First off, this will not negatively affect your account's security from outside sources.

http://twitter.com/#!/BlizzardCS/statuses/81485048242651136

Blizzard's security developers are far more intelligent than they're often given credit for. With dozens upon dozens of company databases compromised within the last few weeks, Blizzard's bound to be doing everything they can to ensure their system is locked down as tightly as possible. Now would be one of the absolute worst of times for Blizzard to even think about using laxer security methods.

http://twitter.com/#!/BlizzardCS/statuses/81493177147727872

You will not be able to be compromised through IP spoofing or the like. Such an elaborate system is going to be well-designed and use information beyond just location. While we won't know exactly what data is collected, it isn't data that would be easily duplicated (e.g. hardware IDs).

Additionally, please note that there was a so-called "man-in-the-middle" compromise that would snatch an authenticator code after it was entered and then crash WoW's executable, submitting the valid code to someone hoping to break into your account. While this method will still function, it will be defunct on systems that are already affected by this change. No authenticator code to enter means no authenticator code to steal.
________________________________________________
The wise speak only of what they know. - J.R.R. Tolkien
CORE I7 3.8GHz | 12GB RAM | ATI 5970+5870 | F120 SSD
Live Support: irc://chat.freenode.net/wowtech
This is good. I pay a small fortune (in these parts) for a static IP, so it would be nice to not have to use the thing all the time.
Highly Rated
Just saw this on breaking news, thankfully it asked for my authenticator numbers when I logged on, I hope it always does, same location or not. The reason I bought the authenticator was an attempt to prevent my account from being hacked, now it's not going to ask for it? Why even have one if that is the case? I personally don't like this update and would prefer the intrusion, and having to input it everytime.

Out of curiosity, will it be possible to opt out of that? While I'm sure the developers will roll out software that is indeed quite "intelligent" and does the job well, I would like to have the option to always use my authenticator regardless of where I'm logging in from.


^^ This!
Highly Rated
06/16/2011 02:29 PMPosted by Kodiack
Out of curiosity, will it be possible to opt out of that? While I'm sure the developers will roll out software that is indeed quite "intelligent" and does the job well, I would like to have the option to always use my authenticator regardless of where I'm logging in from.


I agree with this. I'd like to have the option to always use my authenticator.
Highly Rated
This is a catastrophically bad idea. If thieves have tricked someone into downloading a keylogger to get the login info, they can just as easily immediately fake a login to bnet2.0 from the victim's machine.

Edit -- I said they would use a keylogger to get the authcode, when obviously they don't need that any more, just the login. Also, /facepalm
06/16/2011 02:28 PMPosted by Dreadnb
I don't like this

06/16/2011 02:31 PMPosted by Sgtpain
could be my sister or my brother-in-law logging into my account. Then what?


Don't share your password and you should be fine.
Highly Rated
If you use an authenticator – and we hope you do – you may soon notice that an authenticator prompt may not appear with every login. We’ve recently updated our authentication system to intelligently track your login locations, and if you’re logging in consistently from the same place, you may not be asked for an authenticator code. This change is being made to make the authenticator process less intrusive when we’re sure the person logging in to your account is you.

We hope to continue improving the authenticator system to ensure the same or greater security, while improving and adding features to make having one a more user friendly experience. If you don’t already have a Battle.net Authenticator attached to your account, don’t wait until it’s too late - http://us.battle.net/en/security/checklist

Is there anyway to make it so that it will ask everytime?
My concern is that the dial-up authenticator already does this... and is much less secure because of it.

I fail to see how someone that gets a program on my computer to keylog me can't also grab my IP and spoof it? Is there something I'm not getting here?
If you use an authenticator – and we hope you do – you may soon notice that an authenticator prompt may not appear with every login. We’ve recently updated our authentication system to intelligently track your login locations, and if you’re logging in consistently from the same place, you may not be asked for an authenticator code. This change is being made to make the authenticator process less intrusive when we’re sure the person logging in to your account is you.

We hope to continue improving the authenticator system to ensure the same or greater security, while improving and adding features to make having one a more user friendly experience. If you don’t already have a Battle.net Authenticator attached to your account, don’t wait until it’s too late - http://us.battle.net/en/security/checklist


Please, no. I don't care if it "thinks" its me, could be my sister or my brother-in-law logging into my account. Then what?

Yea, I don't think so. Just because its the same location, won't necessarily mean its the same person if there are multiple people under one roof. I'd rather have it ask me every single time to log in the game.

Freaking lazy people
Someone needs a nap.
And if I have a child whom I share the account with, and use the authenticator to monitor their playtime?
I'm sure you'll be able to opt out of it. Relax.
06/16/2011 02:34 PMPosted by Nale
And if I have a child whom I share the account with, and use the authenticator to monitor their playtime?


Parental Controls
Yay!
Wow didn't think it was that big of a deal, seemed like a quality of life improvement, specially for those that love to have internet issues... didn't know people would be against it.
06/16/2011 02:34 PMPosted by Nale
And if I have a child whom I share the account with, and use the authenticator to monitor their playtime?


Your really not supposed to be able to do that from what I hear, if they want to play they need their own account.
Highly Rated
I'm sorry but I don't like this. I feel more comfortable putting an extra 5 seconds in to type in some numbers rather than have someone get into my computer and log in.

Join the Conversation

Return to Forum