Skip to Content
9-22-2010 @ 3:06PM
While hopefully this greatly reduces queue times for CS matters, I really hope they are considering including an authenticator in each Cata box, or some sort of voucher to obtain one. You'd think this would ultimately save them money from a cost perspective, given how much compromised accounts must cost in manpower alone.
9-22-2010 @ 4:05PM
Frankly, I think they should just go the route of making authenticators mandatory, and include one in every new World of Warcraft box (Vanilla, TBC, Wrath, Cataclysm) starting with the release of Cataclysm.Don't want an authenticator? Okay, you can't upgrade to Cataclysm. Seems simple enough, especially if you get a free one with each box. (There would be a problem for people who only buy digital downloads, but I'm sure Blizzard can find a way to address that.)
9-22-2010 @ 5:34PM
@wutsconflagThe cryptography contained in the authenticator is export controlled in the US. There are laws preventing Blizzard from putting them in every box. I agree that it's a good idea, but it's just not possible with current laws.http://en.wikipedia.org/wiki/Export_of_cryptography_in_the_United_States
9-22-2010 @ 6:19PM
@t0xicBullshit. This has been debunked 100 times, please stop spreading false information. An authenticator is nothing but a clock with an algorithm tied to the serial number to display the time in a non-standard manner. There is no cryptography in the device, its made in china and banks around the world use the exact same device without the blizzard sticker on it. I would be happy to pay $45 for cataclysm instead of $40 if they put an authenticator in every box, even though i already have one, and made it mandatory, it would mean shorter CS times for everyone. Just last week i had to wait 12 hours for a 30 second answer to a question, thats just ridiculous.
9-22-2010 @ 7:38PM
-----Cyno01 Sep 22nd 2010 6:19PM@t0xicBullshit. This has been debunked 100 times, please stop spreading false information. An authenticator is nothing but a clock with an algorithm tied to the serial number to display the time in a non-standard manner. There is no cryptography in the device, its made in china and banks around the world use the exact same device without the blizzard sticker on it. -----You're both wrong. If cryptography import/export laws are an issue, it's likely to be another country's import laws that makes the Authenticators risky. The US laws have changed drastically over the years (although not completely unrestricted). There are some countries (including China - stark contrast considering Vasco's production) with very restrictive import laws. Although I have to wonder if the Authenticator creates a problem whether the WoW client and Warden wouldn't also be issues.In any case... the debunking is bunk. The Authenticators are encryption devices. They do HMAC-SHA1 against a 160bit secret key and a time calculation (and then select a portion of the resulting hash to use for authentication). The secret is known by Blizzard's authentication server and your Authenticator. Your Authenticator's S/N is just a reference (S/N X = Key Y). If you want to work out all the math for that, you can Google for HMAC-SHA1 and OATH HOTP. It's all much more complex than the "debunking" would make it appear (it's more complex than I make it appear).
9-23-2010 @ 3:01PM
NIce idea but impractical..Your assuming that Blizzard make the authenticators.They don't. A third party company Vasco both makes them and also owns the patent for the particular model of device that is the Blizzard Authenticators. This company has plenty of other corporate customers , some Bigger then Blizzard that they have to fill orders for. The only way would be for them to of ordered enough shipments of Authenticators way ahead of time. And there have been several Occasions when the Authenticators have been sold out of the Blizzard store and they've had to wait on shipment from Vasco. Not looking good on the whole stockpiling thing.Also some people with wicked fast internet will be downloading the expansion anyway. What do you say to them?
9-23-2010 @ 9:16PM
I would totally buy a CE of Cata if it came with a special limited edition authenticator that had a hologram on it
First time? A confirmation email will be sent to you after submitting.
Members enter your username and password.
Enter your AOL or AIM screenname and password.
Please keep your comments relevant to this blog entry. Email addresses are never displayed, but they are required to confirm your comments.
When you enter your name and email address, you'll be sent a link to confirm your comment, and a password. To leave another comment, just use that password.
To create a live link, simply type the URL (including http://) or email address and we will make it a live link for you. You can put up to 3 URLs in your comments. Line breaks and paragraphs are automatically converted — no need to use <p> or <br /> tags.