I think this is a nice move for people who are never worried about someone else accessing their account, but let's face it, the most -hurtful- hackings aren't the chinese gold seller who just strips your character, it's the vindictive ex, or the kid-in-a-snit-over-being-grounded, or someone else who might know your habitual weak passwords and will try to ruin your -reputation- as opposed to just taking loot Blizz can return.

Yes, stronger passwords, unique passwords, never share them. But people make mistakes. That's what the authenticator is -for-. People run the wrong file. People trust someone they shouldn't. People tell their kid their password so he or she can log in and play a lowbie. We wouldn't need authenticators if we all had perfect computer security in the first place.

In other words, it should be opt-out.

Also, I'd like the damn password reset if logged on from someplace else to be opt-out too. It actually weakens security - because if someone -is- keylogging me, now I just went and entered my security question answer too. Doh!

Reply