Authenticator
Latest
How to secure your World of Warcraft account
Whether you're just getting started or you've maxed out the number of characters on your World of Warcraft account, your account is valuable to hackers. And if they happen to steal your account, it can be a pain -- and a long wait -- to get it back to you. All of this makes securing your World of Warcraft account serious business. But fortunately, it's easy enough to keep your account under (virtual) lock and key by taking some precautions in advance -- and when we say "in advance," we mean these are things you should do right now. We'll walk you through the very basics of keeping your account secure with a good password and an authenticator. Read on for all you need to know about getting started with good security!
Authenticators temporarily unavailable from EU Blizzard online store
From December 17th, players in Europe will no longer be able to order a physical Battle.net Authenticator from the Blizzard online store. CM Takralus broke it down for everyone playing in the EU realms. Why are authenticators going to be unavailable? Because the online store in Europe is being revamped. Takralus - Battle.net Authenticators Temporarily Unavailable From December 17 2012, physical products including Battle.net Authenticators will be temporarily unavailable on the Blizzard Online Store in Europe. This is in preparation for a revamp of the store which will take place during 2013. In the meantime, many items can be found on the US Blizzard Store. Players wishing to acquire a Battle.net Authenticator have several options. The Battle.net Mobile Authenticator is available for many types of smartphone, and you can find out more about it here. For many people, this is the easiest and cheapest option! If you prefer to have a physical Battle.net Authenticator, you can get hold of one from several sources including the online retailers and high-street stores listed here. . source I admit I don't know how reasonable it is to order an authenticator from the US store for players in Europe, so hopefully the store won't be down for long. It should be noted that Takralus specifically points out that physical products will be unavailable, so presumably you can still buy items like pets and mounts. Mists of Pandaria is here! The level cap has been raised to 90, many players have returned to Azeroth, and pet battles are taking the world by storm. Keep an eye out for all of the latest news, and check out our comprehensive guide to Mists of Pandaria for everything you'll ever need to know.
Guild Wars 2 sells makeovers, explains authenticator issue
If you haven't been completely satisfied with how you styled your Guild Wars 2 character to look but don't have the heart (or time) to reroll, ArenaNet has a solution... for a price. The studio added two options to the game's cash shop that allow players to fiddle with their characters' visuals. The new items are a self-style hair kit (which costs 250 gems but can be purchased in bulk) and a total makeover kit (this goes for 350 gems and also has a bulk purchase option). While the total makeover will allow for a change in height, hair, skin, and even gender, it does not include a name change. ArenaNet also addressed an authenticator issue that arose when players noticed that the game stopped asking for the code. It turns out that the team switched to an updated version of the system that remembers computer locations verified by email and will not ask for an authenticator code from that place. Security Coordinator Mike Lewis reassured players that their game was still safe: "Please be aware that your accounts are still protected by the mobile authenticator at this time."
Blizzard's response to authenticator lawsuit: 'Without merit'
A few days ago Massively reported that a class-action lawsuit had been brought by players against Blizzard Entertainment. The lawsuit claims that Blizzard's actions (and inactions) were forcing players to purchase physical authenticators for Battle.net. Today we've heard the response from the studio, which is an unsurprising dismissal of the accusations. Blizzard released a statement that began as follows: "This suit is without merit and filled with patently false information, and we will vigorously defend ourselves through the appropriate legal channels." The studio went on to address the concerns brought up by the lawsuit and defend its actions during the past summer's Battle.net security breach. Blizzard said that the onus to secure one's computer is on the operator, which is why the company "strongly encourages" the use of authenticators.
Blizzard faces class action suit over account authenticators
Blizzard Entertainment is facing a class action lawsuit over the sale of its Battle.net authenticators, which are used to provide security for player account information for games such as World of Warcraft and Diablo 3. The suit, filed by the law firm Carney Williams Bates Pulliam & Bowman, PLLC in the Central District of California, alleged that the authenticators were needed by players "in order to have even minimal protection for their sensitive personal, private, and financial data." The lawsuit referred to an August security breach in which no financial user data was reported to be stolen.The class action suit posited that Blizzard practiced "deceptive upselling," in that it allegedly failed "to disclose to consumers that additional products must be acquired after buying the games in order to ensure the security of information stored in online accounts that are requisites for playing."A Blizzard representative told Forbes that "this suit is without merit and filled with patently false information, and we will vigorously defend ourselves through the appropriate legal channels." The representative said the use of the authenticator tool was optional for players, and offered players "an added level of security against account-theft attempts that stem from sources such as phishing attacks, viruses packaged with seemingly harmless file downloads, and websites embedded with malicious code."Blizzard's statement continued, "the suit's claim that we didn't properly notify players regarding the August 2012 security breach is not true. Not only did Blizzard act quickly to provide information to the public about the situation, we explained the actions we were taking and let players know how the incident affected them, including the fact that no names, credit card numbers, or other sensitive financial information was disclosed."
Blizzard facing class-action lawsuit over Battle.net authenticators
World of Warcraft creator Blizzard Entertainment is on the receiving end of a class-action lawsuit filed this morning by players who allege that the company is unfairly forcing players to purchase Battle.net authenticators in order to keep their accounts secure. The two plaintiffs claim that in lieu of providing account security to Battle.net players, Blizzard puts the burden of protection in the hands of the subscriber and encourages the purchasing of authenticators. The suit alleges that the sale of authenticators has earned Blizzard $26 million and that Blizzard is profiting "unjustly" from players looking to secure their accounts. The suit mentions several examples of Battle.net accounts being compromised, specifically noting the hack of Battle.net that occurred in August and Blizzard's confirmation of a rise in compromises in May. It also notes that the free authenticators for smartphones were compromised, which the plaintiffs say makes buying a physical authenticator the only true way to protect an account from theft. Activision Blizzard hasn't offered a response as of yet. The two plaintiffs seek damages and an injunction that would prevent Blizzard from adding what the suit describes as "undisclosed fees" to ensure the security of Battle.net accounts (in other words, no more selling of authenticators). We'll keep you updated as we hear more.
Blizzard increases security with SMS Protect
If you're concerned about account security, there's a new feature Blizzard want you to know about. They've been reminding us all about this feature via the forums, and have posted this informative, if somewhat bizarre video to tell us all about it. The new feature, introduced a few months back, is Battle.net SMS Protect. It's a free service, as long as your mobile phone service provider doesn't charge you to receive text messages, in which case text messages would be charged at the usual rate. SMS Protect cannot use any type of messaging other than text messaging, and doesn't require a smartphone to work -- all your phone needs is the ability to receive SMS text messages, making this a nice feature for those players who don't have smartphones. There have been mixed reports on whether it works with prepaid mobile phones, but where it hasn't been working that's usually because carriers don't allow the receipt of SMS text messages. SMS Protect is not designed to replace the authenticator, either the phone authenticator or the physical authenticator. Rather, it is an alert system, designed to warn you about suspicious activity on your account, and allow you to perform certain actions with your phone. Hit the break for more information!
Dropbox two-step login verification available in experimental build, coming to all accounts soon
Following up on its promise to tighten account security following a recent breach, Dropbox is now offering two-step login authentication to users who install the service's latest experimental desktop build. The team says the functionality will roll out to all users in the coming days, but listed full instructions to forum users who just can't wait. Those who op-in only need to download a new version of the Dropbox desktop software and activate the feature in their account settings. Once set up, Dropbox will require all unrecognized machines to provide a code, culled from an authenticator app or received via text message. The firm also provides an emergency back-up code that'll disable the feature should you lose your phone. Feeling insecure? Check out the source link below to get started. Update: Dropbox just made it official, detailing set up instructions once more on the Dropbox blog.
Diablo III pulls trigger on NA real-money auction house
While Diablo III released weeks ago, Blizzard's held off from launching the game's controversial real-money auction house in North America for its own reasons. All must be good on the studio's end, however, because the auction house has gone live in the game as of today. Unlike the traditional in-game auction house, the real-money variant deals in actual currency (such as USD). Players can sell their hard-won goods for cash, which can then be either spent on the auction house, sent to their own personal PayPal accounts, or converted to Battle.net Balance credit. The real-money auction house requires additional setup if the players have not attached a PayPal or authenticator to the account. Blizzard does take its cut, and business must be good: There are reports of items going for over $200 already.
Diablo 3's real-money auction house requires an authenticator
Diablo 3's real-money auction house is set to go live tomorrow, and when it does, it will require players use an authenticator for an "added layer of account protection," Battle.net's Meozeldian wrote. The authenticator, which comes in a physical version for $6.50 or as a free mobile app, will be required for anyone to add funds to a Battle.net balance.Those who have already added funds to their Battle.net accounts will be able to use those without an authenticator, but from today on, all new additions will only work with an authenticator attachment.Blizzard has previously suggested all players use an authenticator to prevent hacking, but this is the first feature for which it is a requirement. As this is to protect players' real money, it's difficult to find the rule egregious, especially as Blizzard generally handles thousands of hacks per day, and the mobile authenticator is entirely free.
Authenticator now required for Diablo's Real-Money Auction House
In order to use the Real-Money Auction House in Diablo III (which can be used to fuel your WoW subscription), you need to have a Battle.net balance set up for buying and selling items. Because Blizzard is understandably concerned about account security, an authenticator or mobile authenticator is now required in order to add to your Battle.net balance. Transferring proceeds from the RMAH to your B.Net balance will also require the use of an authenticator. The RMAH has yet to be implemented in Diablo III, but some players have already added money to their balance in preparation for its launch. Those players will be still be able to use it to pay for eligible purchases or to use in the RMAH without the added security, but adding to the balance from now on will require adding an authenticator to their accounts. I think that preparing beforehand for the inevitable attempted account incursions is a very responsible move on Blizzard's part. This move is good for the players, as well as good for their customer service department, I'm sure. The full announcement is after the break.
You cannot get hacked by playing public games in Diablo 3
After years of keyloggers and trojans from unsafe browsing, unsecured computers, or just plain bad luck, WoW players should be pretty used to the concept of a compromised account and how said compromises happen. Unfortunately, Diablo III players don't appear to be as familiar with them, which has resulted in some pretty maddening discourse on the official forums and across the internet. Just like WoW accounts, Diablo III accounts are worth real money. Blizzard has had experience dealing with compromised accounts for years. This is why it introduced the Battle.net Authenticator, a second level of security that makes it very, very difficult to get your account compromised. Authenticators don't make it impossible to get your account compromised, but they do make compromising your account much more trouble than it's worth in the face of mass keylogging, which is how accounts are normally stolen. Some people who haven't had a WoW account before but bought Diablo III were undoubtedly surprised when their accounts were compromised, which is understandable. An editor at Eurogamer had his account hacked and responded with an article suggesting that players were getting their sessions hijacked by joining public games and that people were getting compromised with this method even with authenticators attached to their account. Unfortunately, sites all over the internet picked up the story and also reported the session hijacks and bypassed authenticators as fact. The problem is that neither of those things were correct. In fact, Blizzard says it's actually impossible to do with Diablo III due to the way the infrastructure is set up.
Blizzard denies Diablo III authenticator hacking claims
We've been following the mass reports of hackers bypassing passwords and authenticators to rob Diablo III accounts blind, and now we have a new twist on the story. While Blizzard confirmed "an increase in reports of individual account compromises," the studio says it has no hard evidence that hackers have found a way to skirt around the authentication system. Community Manager Bashiok said that the company is taking the claims "extremely seriously" and is investigating the rash of account compromises. "Despite the claims and theories being made, we have yet to find any situations in which a person's account was not compromised through traditional means of someone else logging into their account through the use of their password," he said. "While the authenticator isn't a 100% guarantee of account security, we have yet to investigate a compromise report in which an authenticator was attached beforehand." Blizzard is assisting compromised customers by restoring stolen items and rolling back their accounts. The studio has a post up on its forums to help players protect their accounts and get assistance if theft occurs.
Blizzard: Diablo 3 account compromises historically in line with WoW expansions
The Blizzard forums are bursting with stories of Diablo 3 players' gold and items magically disappearing from their accounts, and while we bemoan the losses they're not entirely surprising."Historically, the release of a new game -- such as a World of Warcraft expansion -- will result in an increase in reports of individual account compromises, and that's exactly what we're seeing now with Diablo 3," Blizzards told Joystiq this evening. "We know how frustrating it can be to become the victim of account theft, and as always, we're dedicated to doing everything we can to help our players keep their Battle.net accounts safe -- and we appreciate everyone who's doing their part to help protect their accounts as well."
The Daily Grind: Do you use mobile authenticators?
A recent listener of the Massively Speaking podcast sparked a lively debate about the mobile authenticators that MMO companies are so fond of asking us to use as an extra layer of security for our accounts. He suggested that companies that encourage authenticators are doing so less for our security than for their own financial interests or responsibility -- after all, if I'm using an authenticator, they can save money on support and security staff. Our listener also pointed out that authenticators are annoying to the point that MMO studios sometimes have to bribe us with minipets and other goodies to get us to enroll, which suggests that maybe more people than we'd think avoid that extra tier of security. What about you -- do you use mobile authenticators when they are available, and if not, how do you and the games you play safeguard your accounts? Every morning, the Massively bloggers probe the minds of their readers with deep, thought-provoking questions about that most serious of topics: massively online gaming. We crave your opinions, so grab your caffeinated beverage of choice and chime in on today's Daily Grind!
PlayThru hopes to kill text captchas with game-based authentication
At their worst, captchas are impossible to decipher; at their best, they're... fun? A startup called Are You a Human has developed PlayThru, an alternative to text-based authentication. Instead of requiring the user to type some blurry, nonsensical word, PlayThru has them play a mini-game, such as dragging and dropping a car into an open parking spot. The startup says this method is more secure than word captchas -- since automated bots have a harder time solving these image-based puzzles -- and more fun, because users generally have a better time when their ability to identify letters isn't called into question. PlayThru has been in beta for several months and is currently available as a free download. On May 21st, the solution will officially launch on both PCs and smartphones. Click through to the source link to try out the captcha alternative for yourself.
Trion Worlds customer database hacked, 'no evidence' credit card info stolen
Trion Worlds has become the latest in a long string of MMO studio security breaches this year, as the company reported an intrusion into its customer database. At risk of compromise were customers' user names, passwords, birthdates, email and billing addresses, and partial credit card info. However, the company states that "there is no evidence" that full credit card numbers were stolen at this time. In a message posted on the Trion Worlds website, the company promises that it is both researching the intrusion and taking steps to increase security. As part of this, all RIFT players will be asked to change passwords and security questions, and their mobile authenticators will need to be reconnected. The company urges customers to watch their bank statements for questionable activity, and provides customers with resources to get a free credit report and putting a freeze on credit reports. To compensate customers for the issue, Trion is providing all RIFT players with three extra days of gaming time and a Moneybags' Purse that increases all money looted by 10% in-game. [Thanks to everyone who sent this in!]
Star Wars: The Old Republic launches Android authenticator and upcoming test server
If analyst predictions hold true, Star Wars: The Old Republic is going to be big. And that means that it's going to be heir to the natural problem of account hackings, the sort of thing that goes hand in hand with every major MMO. Luckily, the game has launched with security authenticators already available, with a physical version and an Apple app available right out of the gate. The mobile authenticator for Android devices is also now available, meaning that you have a multitude of ways to ensure that the only threats to your characters are those of the blaster-wielding variety. Once you've gotten through the authenticator stage, however, perhaps you'd like to see what's coming next for the game? Ask a Jedi reports that it looks like BioWare is in the process of setting up a public test server, giving every subscriber a chance to enjoy the upcoming patches and updates before they go live. While players will not be able to copy characters from the live servers to the test environment at this time, the team behind Star Wars: The Old Republic seems to be polishing up the game on a daily basis even though it's just launched, so that likely won't remain the case for long.
Blizzard releases customer support how-to videos
As part of its continued fight against account hacking and account compromise, Blizzard's customer support department has started a YouTube channel dedicated to hosting how-to videos on security, what to do if your account is hacked, general security tips, and how to use the Battle.net authenticator. Not only are the videos educational and helpful, they are also adorably fun, making security as enjoyable as it possibly can be. Not only is this an awesome service for Blizzard to put out, the videos offer excellent ideas for online security in general. The tips in the general account security video are great tips to follow, even if you aren't a gamer. Everyone on the internet should be following these security tips. Good on you, Blizzard, for this awesome community service. I don't think we can give the customer support guys enough shout-outs. Brace yourselves for what could be some of most exciting updates to the game recently with patch 4.3. Look at what's ahead: new item storage options, cross-realm raiding, cosmetic armor skinning and your chance to battle the mighty Deathwing -- from astride his back!
SOE releases account authenticators
Sony Online Entertainment has joined the growing list of gaming companies that offer physical authenticators for protection against account hacking and associated fraud. EQ2Wire brings us the details on the new device, which at $9.95, is slightly more expensive than Blizzard's comparable Battle.net fob. SOE's authenticator may be used on multiple Station accounts, and for now at least, is shipping out sans handling charges (even for overseas orders). EQ2Wire also has a handy and detailed guide to the new authenticators from last month's Fan Faire, and the website notes that free iOS and Android security apps will be forthcoming at an as-yet unannounced date.
