@ Robin

True, but the only thing you list in your article here is 'get an authenticator' - I would gather very few people read the cut after the actual article, but that's irrelevant I suppose as it's there. I did take the time to look through that article though and I would classify what is covered as very basic.

Some personal recommendations for a secure (by average user standards) computer are;

1. Password your root/admin accounts properly and run as a restricted user. OS's are doing this more for you as they progress, but many people turn this off or use an OS that doesn't do it for you.
2. Keep your OS fully up to date
3. Get decent anti-virus/spyware/malware software. Keep them up to date and run them regularly.
4. Run a browser that supports plugins, such as firefox, and download a plugin that lets you selectively load flash elements of a page, or blocks them completely - flash exploits are where a lot of attacks originate because they can be run via adds even on trusted sites.
5. Bookmark sites such as wow.com and worldofwarcraft.com - use these links to visit the pages always - never ever click on a browser link to them.
6. Run a firewall.

There are of course more and more things you can do, but that will get most people started and reduce the risk of their wow account being stolen to near nothing - basically you'd have to give your account away to lose it.

I again feel I need to clarify my position: I'm NOT AGAINST authenticators. As long as some people find them useful, there isn't anything wrong with them. However they are not and never will be a complete solution and those who preach they are annoy me greatly. You personally aren't doing that as you do include links to other resources, but a very large amount of the wow player base do.

Tell me.. if you ignore all security precautions minus your authenticator and I have fully compromised your machine and am starting at your screen.. what can you do to stop me? Nothing. Once I get your authenticator code I can just log in within 30 seconds then shut your computer down remotely. By the time you reboot and get back on I've already stolen all your gold. Maybe I'll be really sneaky and instead of shutting you down, I'll jump into your router and change all your ISP settings - far as you can tell all thats happened is your internet has dropped out.. how long will THAT take for you to figure out? As long as I don't log out your account I can do as I please until you're back online.

Now thats an extreme example, but technology wise it's certainly possible.

Anyway, I think I have my point of view across.