First steps to good security
The most basic thing you can do to keep your account safe is to pick a good password that's hard for others to guess. And while we've all heard this before, we'll repeat the basic advice for creating a strong password:
- It should be at least 8 characters long
- It should include a combination of numbers and letters
- It shouldn't include your character name, your email address, or any other easily guessable info
Yes, this is advice you've probably heard before, but that's because it really works to help create a password others won't be able to guess to get into your account. For more tips on creating the best password possible, check Blizzard's advice
and Microsoft's advice
. Get started by changing your account password on Battle.net
now -- once you've logged on, just go to Settings > Change Password.
The next step to password security is making sure other people don't get your password: don't use the same password for other accounts or share your login information with friends. While it might seem harmless, it can lead to you losing your account.
For an extra layer of security, you can enable Battle.net SMS Protect
. With this feature turned on, you'll get text messages from Blizzard when changes are made to your account and you can reset your password, unlock your account, remove a broken authenticator from your account, or recover your account name, all of which are handy. Unless your phone service charges you for text messages, this is free. So long as you have a phone that can accept text messages, we recommend turning on SMS Protect
. To get started, just log on to your Battle.net account and select Edit Battle.net SMS Protect under Account Security on the Summary page (that's the one that displays right after you log in). For more info, check out customer support's video on SMS Protect
.Use extra authentication
While a good password and text message alerts make your account pretty secure, adding an authenticator makes your account as secure as you can possibly get it. So just what is an authenticator
? It's a physical keyfob or a mobile phone app that generates a unique code you have to enter alongside your password in order to log in to Blizzard games or your Battle.net accoun on the web. This adds an extra layer of security, so to get into your account a thief would need not only your account name and password, but also your authenticator code -- which, unless they have your keyfob or mobile phone, isn't something they can get. (And, since authenticator codes are 6 to 8 digits long and change every 30 seconds, it's very difficult for a hacker to guess, too.)
Physical authenticators are available in the Blizzard Store for $6.50 each
while the app version is available for iPhone
, and Windows Phone
devices for free.
Once you have your authenticator -- physical or digital -- it's easy to set up. You can follow the instructions in the customer support video above, or DIY it by going to Battle.net and logging on. At the Summary screen under Account Security, click on Add Security and follow the on-screen instructions to enable your new gadget. When you set it up, you have the option of requiring an authenticator key every time you log on or just requiring it once a week: requiring it for every login is definitely more secure.
If you misplace your authenticator, it gets broken, or you want to switch from the keyfob to the app
(or vice versa), it's easy to disconnect your from your account
so you can add a new one -- just be sure you're ready to replace it when you do, because we can't recommend going authenticatorless. Just go to Battle.net and log on: on the account Summary page, under Account Security, click on Manage Security Options and then Remove Authenticator at the page that comes up. If you have your authenticator -- and it's working properly -- it's quick and easy to remove it by entering in two consecutive authenticator codes.
However, if you've lost your authenticator or it's stopped working, the process is a bit more complicated. Start by heading to Battle.net and clicking the log in option, followed by "Can't log in?" On the page that comes up, select "I lost my authenticator and I want to remove it from my account." If you set up SMS Protect earlier, Blizzard will send you a text message with a code for you to enter, after which your authenticator is removed. Otherwise, you have some paperwork to do: fill out the form that comes up and attach a picture of your photo ID so Blizzard can verify that you're the account holder. (If you prefer, you can also contact customer support by phone
We know, we know: this all seems pretty complicated. But, trust us on this, it's a lot less complicated than your account getting hacked
. So before you next dive into the game, spend a few minutes of your time to secure your account. And if you want more info on account security, WoW Rookie
will be covering how to keep your computer secure and how to recover your account after a hack soon.
Just because you're a newbie doesn't mean you can't bring your A-game to
World of Warcraft! Visit the WoW Rookie Guide for links to everything you need to get started as a new player, from the seven things every newbie ought to know to how to get started as a healer or as a tank.