Skip to Content
9-22-2010 @ 7:38PM
-----Cyno01 Sep 22nd 2010 6:19PM@t0xicBullshit. This has been debunked 100 times, please stop spreading false information. An authenticator is nothing but a clock with an algorithm tied to the serial number to display the time in a non-standard manner. There is no cryptography in the device, its made in china and banks around the world use the exact same device without the blizzard sticker on it. -----You're both wrong. If cryptography import/export laws are an issue, it's likely to be another country's import laws that makes the Authenticators risky. The US laws have changed drastically over the years (although not completely unrestricted). There are some countries (including China - stark contrast considering Vasco's production) with very restrictive import laws. Although I have to wonder if the Authenticator creates a problem whether the WoW client and Warden wouldn't also be issues.In any case... the debunking is bunk. The Authenticators are encryption devices. They do HMAC-SHA1 against a 160bit secret key and a time calculation (and then select a portion of the resulting hash to use for authentication). The secret is known by Blizzard's authentication server and your Authenticator. Your Authenticator's S/N is just a reference (S/N X = Key Y). If you want to work out all the math for that, you can Google for HMAC-SHA1 and OATH HOTP. It's all much more complex than the "debunking" would make it appear (it's more complex than I make it appear).
First time? A confirmation email will be sent to you after submitting.
Members enter your username and password.
Enter your AOL or AIM screenname and password.
Please keep your comments relevant to this blog entry. Email addresses are never displayed, but they are required to confirm your comments.
When you enter your name and email address, you'll be sent a link to confirm your comment, and a password. To leave another comment, just use that password.
To create a live link, simply type the URL (including http://) or email address and we will make it a live link for you. You can put up to 3 URLs in your comments. Line breaks and paragraphs are automatically converted — no need to use <p> or <br /> tags.