Ah, the old "It's never happened to me excuse" which was used for Airbags, seatbelts and grounded outlets.

How about the new it'd never happen to you either if you didn't share your information or fall for phishing scams. I know it's tough, but it's called using common sense.

That's simply not true. I have had my wow account since vanilla wow and I was hacked over Christmas.

I have never shared my account information with anyone, I run NoScript with firefox and regularly do rootkit and anti virus scans. It is possible just to be unlucky.

haha, well you're lucky then, thats all that means.

Idk why this is even in debate, it should be mandatory, period. I've had an authenticator since April/May. since that time 3 IRL friends of mine have been hacked, one after i sold him 3 extra authenticators i had. not more than a month ago i was online when one of our officers, who's now GM, got hacked. He's waited a long time to get his stuff back.

anyone that thinks just because they haven't gotten hacked is just fooling themselves into a false sense of security.

i personally feel that if they do make it mandatory (and they SHOULD) every box of Cataclysm should come with one, and anyone that doesn't buy Cat should have the opportunity to get one either online, or at a store.

I've heard all the arguments against having them but they are all hollow and dumb. go get one. free for Iphone/Ipod touch, .99 for other Phones, 6.50 for a reg one. people need to quite QQing about them.

There's other ways to get hacked besides directly sharing information. Keyloggers are most likely the biggest culprit and can actually come from things completely unrelated to WoW such as torrents. Does the extra 2 seconds it would take to log in wtih an authenticator and $6.50 shipping cost really make you so upset that you'd rather not have GMs working on more serious issues?

It's called misdirection... and to claim its common sense is ignorant. There were two people hacked in my guild last month. My wife, my daughter and I all have authenticators. It's not inconvenient unless you're looking to hack accounts.

There are a variety of ways to get hacked other than phising schemes. Remember when QuestHelper had a keylogger injected in it right when Wrath shipped? I know a bunch of people that got nailed by that. I got nailed by a keylogger in a Flash movie from a site I visited.

People aren't just putting their info in strange web sites here. Keyloggers just wait for you to log in again send the info on to the hacker.

You spent a lot of time on your toon? 6 bucks is lunch. Just by the authenticator and feel safe. I wouldn't even wait for it to come in Cataclysm. I'm guessing it'll be mandatory with Cataclysm, so you might as well get used to it.

Anything that allows Blizzard to focus on the game instead of hackers seems like a win to me.

>How about the new it'd never happen to you either if you didn't share your information or fall for phishing scams. I know it's tough, but it's called using common sense.<

While that's reasonable enough to believe, the sad fact is that not everybody is that sensible. Nor are those the only ways to hack accounts, so it's not even actually an argument against Authenticators.

You might as well say you know better than to make typos. OH WAIT, you did.

Yeah, belt and suspenders, nothing wrong with them.

I had my account hacked not too long ago.

-I have current antivirus software with definitions updated bi-weekly.
-I regularly do malware scans on all the computers on my network.
-I do not share my account info.
-I do not visit disreputable sites.
-I do not fall for phishing scams.
-I do not run frivolous 3rd party WoW mods: only DBM, Recount and Omen.

It was the result of a key logger trojan getting on to my home network. It came in through my roommate's computer due to Flash not being on the very most current version on that machine.

I am internet savvy (I am A+, MCSE and Network+ certified, I know my way around a personal computer).

These things are not always the result of people being ignorant or careless, sometimes they just happen. If it didn't happen to you, then I am glad for your good fortune, however, do not mistake that luck for invincibility. Trust me, account theft can happen to anyone.

I support the idea of mandatory authenticators. It would saved thousands of man hours for their customer service department, which gets very expensive very fast. And the more profitable an endeavor is, the better the resource distribution becomes in improving that enterprise.

My going-on-50 mother recently called me when I was sitting at home with my favorite magazine and a glass of scotch in my most comfy armchair (I like to open up my stories whenever possible with a warm cozy setting; makes the reader feel more at ease) to have her exasperated. She was trying to master facebook, having been invited by a real life friend to a group of all her old high school/college buddies, including her one-time championship dart-team. She also found her old bridge table online (eventually) but needed my help in mastering basic internet skills.

As biased as I am (she's my mother after all) ANYONE that talks to her can tell you she's plenty savvy. You don't spend that many years drinking and gambling and not come out "street-smart." She's also a teacher and is head of her department. While I'm not implying that she's an earth shatteringly brilliant person, she's a damn smart woman. Her computer skills are meager though. If someone ever managed to convince her to play WoW, I'd give it three weeks a best before she finds a way to get hacked. Granted, that might be too short of time because it could take her 6 months to figure out addons if she doesn't ask for help.

To say though that everyone who doesn't "watch their back" or whatever deserves to be hacked for their airheadedness is more than a little unfair. I know you didn't say that, but your bite of impatience for hacked accounts suggests such a feeling to me. Do you expect a brand new clinic doctor to be able to identify a patient displaying drug seeking attitudes within his first month? Or even year? Of course you don't. Why then would someone new to both the internet and gaming be expected to be knowledgeable enough to spot some very well done scam emails? After three and a half years of WoW, I still get the odd email that will make me do a double take. I don't click on them because of long years of internet experience, but the poor true newb doesn't stand a chance.

As for Authenticators being unnecessary and you saying they won't help, I might remind you that NEVER has there been an account hacked with an authenticator tied to it. People have entered their number for a one time login, but the device is not connected to your computer and is literally unhackable. Authenticators are one of the best band-aids Blizzard can add to the game. While you are right in that it will never be possible to completely close that gaping security void sitting between the chair and keyboard, Authenticators are the closest that we can come to that. Did you know your WoW account with an Authenticator will instantly become one of, if not THE most secure pieces of personal information you possess?

I really like the comparison to a seat belt; the risk? It's mildly uncomfortable and takes a handful of seconds out of your day to operate. The reward? It could save your life...but what's sure-fire short term loss to possible long-term gain?

Food for thought: Your psyche...your carnal basic survival desires, as an animal, is programmed for short term gain. Turn up the volume of your intellectual voice and it would tell you uncomfortablness be damned, seatbelts ftw.

The concept of mandatory authenticators is not actually a "ridiculous measure". There are other aspects of that kind of requirement that people don't seem to consider or mention, however.

Firstly, this article presents the notion that we should all sympathize with Blizzard and how inconvenienced and overworked they must be as a result of having to constantly work to keep all their millions of paying customers happy. Wait.. millions of customers? And they all pay a regular fee for services rendered? That's a problem?

Secondly, this article and others all reiterate a fact that should be obvious anyway: Blizzard benefits far more from people using authenticators than members do. We save a couple of days of potential down time. Blizzard saves who-knows-how-much on wages and support costs, and can reinvest those resources elsewhere. Both sides are winners, but Blizzard scores more points. If Blizzard is saving all this money, and we're already PAYING them money, why would we be the ones to shoulder the cost of the authenticator?

Third, no one ever mentions all the other horrible and much more inconvenient things that can (and usually do) happen when you allow a keylogger on your PC. Ever log in to your bank accounts on the internet? Check credit card balances? Email? Pay any bills online? All of those things are equally at risk. Do you really think a motivated, malicious individual is going to stop at your WoW account and ignore everything else? "Let's see, credit cards... no... social security number.. no... bank accounts... no.... World of Warcraft! Bingo!" Two or three days of WoW down time is, relatively speaking, nothing.

In conclusion, I think that mandatory authenticators are a reasonable requirement. But considering who benefits/saves more and the fact that the use of an authenticator is a *certain* inconvenience to prevent a *potential* inconvenience leads me believe that Blizzard should provide authenticators to customers free of charge, either packaged in with the game/expansions or online. It should be fairly easy to provide one free authenticator to each account holder and charge for replacements if they're lost or damaged.

Analogies are stupid are are prone to hyperbole. Don't be like the rest of the internet and use them in an argument. You could argue that the authenticator is like a seat belt and should be mandatory. Conversely, you could argue that it's like buying a guard dog when you already lock your doors and set the alarms, and therefor unnecessary. It's stupid. It gets us nowhere.

Let's get this straight.

No one should be arguing that Authenticators are ineffective.
No one should be arguing that attempting to but a system in place to handle protecting and restoring compromised accounts is a bad idea.
No one should be arguing that mandating them to combat a major spike in compromised accounts is a bad idea.
No one should be arguing that owning a Mac or running anti virus software will insulate them from getting phished or key-logged.
No one should be calling anyone irresponsible or stupid for not wanting to pay a single penny more for a security feature that should have been shipped from the beginning.
No one should be down-ranked for being against this rumored mandate.
No one should be using stupid logical fallacies and ad homenim to debate people on EITHER SIDE.

I would love to see a review of each side's argument over the past week. But I think the nature of the Blog, and the fact that this medium is more opinion-based than journalistic means that we (sadly) won't see such a thing.

@ toddcore
ihave noticed several ppl that have problems with blizzard asa company benefiting from their game. my question is why? i mean blizzard dose make some decent games although their customer service record is not the greatest, i think that it frees up their time and money so that they can help with other products/ services it benefits us more