Skip to Content
3-09-2010 @ 7:43AM
Security is not easy and as long as we have the valuable stuff hackers want, they won't stop. So it's important to understand what the authenticator does and does not do for you. Like in that Seinfeld episode, Seinfeld got robbed even though he has the most secure locks on his front door because Kramer forget to close it. -- The authenticator (multi-factor authentication) protects you from "replay attack", where the bad guys can no longer take their time to hack you two weeks later. ----> They need to take both your password and your auth-code to pretend to be you for a short time. Or they have to physically steal your authenticator.-- To defend against man-in-the-middle attacks, you need SSL or other end point authentication. Basically SSL protects your data *AFTER* leaving your computer and it promises the data will be unreadable in transist and truely reach it's intended destination unaltered before it can be read. ----> They need to get into your computer to mess with your data BEFORE it leaves the computer.The good news is that adding an authenticator raise the bar for the hackers to steal your account. But they can still do it if you are not careful... Like even if Kramer remember to close the door, he still has to turn the lock for it to work most effectively. Additionally, all of these protections are not reliable if the bad guys have malware IN THE COMPUTER. They can literally do anything they want. They can even alter your WoW client itself to connect to them instead of Blizzard to login. It's like locking the front door doesn't really protect you from the thief who's already inside the house.So we still need to be vigilant about it even with the authenticator.
First time? A confirmation email will be sent to you after submitting.
Members enter your username and password.
Enter your AOL or AIM screenname and password.
Please keep your comments relevant to this blog entry. Email addresses are never displayed, but they are required to confirm your comments.
When you enter your name and email address, you'll be sent a link to confirm your comment, and a password. To leave another comment, just use that password.
To create a live link, simply type the URL (including http://) or email address and we will make it a live link for you. You can put up to 3 URLs in your comments. Line breaks and paragraphs are automatically converted — no need to use <p> or <br /> tags.