Recent security breaches spur new Battle.net phishing emails
This story has been redacted after new facts have been brought forth. Please see the latest news concerning Blizzard's password reset in response to the Gawker hack.
© 2013 AOL Inc. All rights Reserved.
Reader Comments (Page 3 of 3)
jfofla Dec 14th 2010 8:10PM
Amazing that people still think it is easy to get past an Authenticator. It generates a unique six-digit code every 30 seconds. Unique to the individual Authenticator. So "knowing" the code would do you no good unless you knew the SN of the Authenticator or where in the code sequence that unique Authenticator was.
On top of that, an Authenticator code can only be used Once to log in, so if a hacker somehow keylogged you real time and entered the same code within the 30 second window it still would not work.
If a hacker manages to get you with an elaborate man in the middle scheme, yes, they could log into your account.....ONCE, but they could NOT remove the Authenticator without the SN and they could not log into your Battlenet to change your password, because the stolen code was good for only one log in.
I call that Ironclad.
wow Dec 14th 2010 8:21PM
Last I checked WoW did allow you to use the same number twice for a login, in fact I specifically remember that was an attack based around that. Or did they change it after said attack?
Xarnlen Dec 14th 2010 8:38PM
That's correct, and Blizzard, if people have not kept up, also added fingerprinting of your system to the logon, so if the station you log in from all of a sudden is different you will get a request to verify it's still you. This was put in place so that when you play from two locations it now keeps track, so that hacker probably will not get in with a scammed token code in that 30 secs time window.
Xarnlen Dec 14th 2010 8:40PM
That's correct for @jfofla, not @wow; you cannot use the same number twice unless it was that rare compromised launcher that some people got infected with.
wow Dec 14th 2010 8:54PM
mmm, I may try that tonight just to see if it works, will be interesting to try
Phaded Dec 14th 2010 10:43PM
@wow, the trojan would block your computer from sending the correct authorisation code to battle.net and then send it to the authors, who used that code to log into your account and compromise it. The code was still only ever used once.
Matt Dec 14th 2010 8:14PM
Weird... I never got this mail...
saysu Dec 14th 2010 9:29PM
That won't happen when I get this brand new baby
http://cgi.ebay.com/Brand-New-Dell-M1730-World-Warcraft-LAPTOP-/220711548097?pt=Laptops_Nov05&hash=item33636ef4c1
Al Dec 14th 2010 9:31PM
Trusting something with "ass" in the title.. seems antithetic to internet safety, but that's just me.
Phaded Dec 14th 2010 10:41PM
Hotmail uses digital signing to verify the senders of mails from popular phishing targets like PayPal and Blizzard. Score 1 for Microsoft.