Skip to Content
6-19-2011 @ 11:53AM
"so they may use system info and a combination of all of the above to generate unique keys for systems"And once the hackers determine what the algorithm is to determine this information, all they need to do is insert code into their keyloggers to capture this from your computer along with your username/pwd. Since this hash is UNCHANGING, it will always be valid. Unlike the authenticator, which IS a continuously changing code. Alternatively, they can just continue using man in the middle attacks, which instead of stealing your authenticator code, will steal the 'location id' that blizz has put in.I don't pretend to know what's happening on Blizzard's side for the authentication, but then I'm not the party that's interested in finding ways around it. Trust me when I say that the gold farmers are already hard at work trying to determine how to get around Blizzard's code without needing the authenticator information, now that the possibility exists.
First time? A confirmation email will be sent to you after submitting.
Members enter your username and password.
Enter your AOL or AIM screenname and password.
Please keep your comments relevant to this blog entry. Email addresses are never displayed, but they are required to confirm your comments.
When you enter your name and email address, you'll be sent a link to confirm your comment, and a password. To leave another comment, just use that password.
To create a live link, simply type the URL (including http://) or email address and we will make it a live link for you. You can put up to 3 URLs in your comments. Line breaks and paragraphs are automatically converted — no need to use <p> or <br /> tags.