Skip to Content

WoW Insider has the latest on the Mists of Pandaria!

Posts with tag authenticator

Battle.net authenticator process updated with smarter log-in detection

A substantial updated to the Battle.net authentication system was announced today. Players will soon notice a change to their authenticator log on -- it just might not appear. Blizzard's login servers and authentication system now intelligently track where your account is logging into the game from and, if you're consistently logging in on your home computer, the authentication servers will let you pass, no code needed.

Blizzard wants make the authentication process less intrusive and this is a first step towards that goal. Right now, having to input a code each and every log in is a pain, sure, but it also makes me feel secure. I'm never going to say no to more security, however, and if the system is something that can accurately figure out where I am and let me on, that's great.

This doesn't take into consideration the circumstance where you use an authenticator to prevent access to WoW, even from the home PC. I know some parents who use a simple password that their kids can remember but use the authenticator as the gate to prevent unwanted play. Maybe there will be an opt-out feature of some kind to always ask for the code.

You can check out the Battle.net account security page or check out the Blizzard mobile site for application information. For more information on this specific change to the authenticator system, follow me after the break.

Read more →

Filed under: Blizzard, Account Security

Remote guild chat feature bugged for authenticator ranks

The new remote guild chat feature, currently available for free on the World of Warcraft mobile armory smart phone app, has run into a little bug that demoted players from authenticator to non-authenticator rank in their guilds. Blizzard's Bashiok hit the forums to explain the issue. Basically, when people were logging in to the mobile app to chat with their guilds, it signalled the guild interface that these people had logged in without an authenticator and automatically changed their rank.

The issue has been hotfixed and should not affect any more players with authenticator ranks, but players currently at a rank in guild that requires an authenticator will not be able to use the service until the big hotfix tomorrow.

Also, the guild chat feature has been added for every realm in the Ruin Battlegroup, so more people get to check out this really cool feature. For the full post, hit the jump.

Read more →

Filed under: Blizzard, Cataclysm

First Core Hound Pup adoption campaign winners announced

Blizzard's Core Hound Pup Adoption Campaign is giving players the chance to win an iPad as well as boost their own account security. In an effort to get more authenticators attached to accounts, Blizzard ponied up some iPads to get the job done. Each month, a screenshot entry is chosen to win one of 12 iPads. Just take a screenshot of you and your security pup companion doing something crazy, out of the ordinary, or just plain awesome, hit up the contest rules page, and you've got a shot at winning. The first four winners have just been announced and their screenshots released.

Read more →

Filed under: Contests, Account Security, Cataclysm

RSA security hack not affecting Blizzard authenticators

Many people were quick to wonder and worry about whether the recent hacking of the RSA (the security branch of EMC) had the potential of harming Blizzard's authenticators or authentication software. Fear not, as the blues have chimed in with a response:

RSA Hack and Blizzard Authenticators
Pokzin,

The Blizzard Authenticators are based off modified Vasco tokens. I'm sorry to hear about RSA's troubles, but it will not affect the Blizzard Authenticator.

It doesn't look like Blizzard will be harmed by this at all. As a reminder, please keep your account safe by not clicking links in emails that don't appear to be from Blizzard, always check your email headers for incoming email addresses, and if you have any questions about whether an email is legitimate, contact Blizzard first. And do please get an authenticator for your account. Check out some of our own security articles here.

Filed under: Blizzard, Account Security

Blizzard posts new account security guide

Make no mistake: it really sucks when your WoW account gets compromised. Even with the speed with which compromises are handled by the support department nowadays, it's still a pain to have to wait to get your stuff back -- and it's even worse to know that someone was in there mucking around with your dudes, you know? Blizzard's been better about helping people with account security problems recently, like giving out free authenticators to some hacked accounts and offering a free phone-in authenticator service, but in the end, a lot of the responsibility falls on you the player to keep your account secure.

To that end, Blizzard has assembled a new account security guide. It's a pretty comprehensive list of the steps you can take to secure your account, from getting an authenticator to learning how to recognize phishing emails to making sure that your computer itself is secured through the use of antivirus software. Learn it, live it, love it. In account security, as in Planeteering, the power is yours.


Filed under: News items, Account Security

Breakfast Topic: What made you decide to get an authenticator?

This Breakfast Topic has been brought to you by Seed, the Aol guest writer program that brings your words to WoW Insider's pages.

Once again, Blizzard is encouraging its players to use authenticators to protect their Battle.net accounts. In addition to the incentive of a lovable Core Hound Pup pet provided to all World of Warcraft characters on an account that has an authenticator attached, there is now a contest going on to win an iPad for your best Core Hound Pup screenshot, and we've even received reports that free authenticators are being offered to owners of accounts that have previously been compromised. Still, incentives alone aren't enough for some players. Sometimes it takes an incident to drive the point home.

For me, it was a hacking scare involving my girlfriend's account. We had just resubbed to WoW in preparation for Cataclysm and were having a blast when she got a notification from Blizzard that her account had been locked due to an unauthorized break-in. Nothing was gone, no items destroyed, no gibberish-named level 1s created, but she did have to change her password and verify to Blizzard that she was still herself. She was playing on a Mac, used Adblock and had disabled Flash on her browser, and she only visited a handful of websites on a daily basis, all very innocuous places like Gmail and WoW Insider. We figured it was an isolated incident, but just to make sure, she wiped her hard drive and reinstalled WoW. Then, a week later, it happened again. I couldn't believe it, and I still don't know how or why she was targeted, but I ordered our authenticators the very next day. We haven't had a problem since.

What convinced you to get an authenticator? Was it a contest, a promotion by Blizzard, or a hacking scare? If you don't have an authenticator yet, what's holding you back?

Win an iPad during Blizzard's Core Hound Pup Adoption Campaign

Blizzard is kicking off a year-long Core Hound Pup adoption campaign and is giving away iPads for the best user-submitted epic screenshots of the Core Hound Pup in action. Two iPads will be given away each month to two lucky screenshot submitters. Follow the link over to the contest rules page, and submit your pictures for a chance at an iPad each month in 2011.

The Core Hound Pup is gained by adding an authenticator to protect your Battle.net account. Every one of your World of Warcraft characters has access to this companion pet.

I think this is a great idea to spread the word about authenticators and account security. Authenticators are the best first line of defense you've got to keeping your account safe, along with safe browsing habits. So do yourself and your players a favor and spread the word about Core Hound Pups and authenticators, and maybe even win an iPad out of the deal.

Contest rules are available here.

If your account is protected by a Battle.net Authenticator or the Battle.net Mobile Authenticator, then you already know how safe and secure your Core Hound Pup pet can make you feel. But there are plenty of players out there who can still benefit from the companionship and peace of mind that our infernal puppy provides.

We're kicking off a Core Hound Pup adoption campaign and we need your help! Simply send us funny, cute, or just plain epic screenshots featuring your fiery two-headed buddy. We'll be picking two of the most memorable images each month in 2011 and awarding the winners with a brand new iPad.

If you have yet to adopt a Core Hound Pup of your very own, then don't wait a moment longer, or we just might have to give you the big puppy-dog eyes. Visit our account security site to learn how to get a Battle.net Authenticator or download the Battle.net Mobile Authenticator, available through our mobile apps page or as a free download from the Apple App Store or the Android Market.

Adopt a puppy! Protect your loots! Win an iPad! Read the contest rules for details and eligibility requirements, and happy screenshotting!



World of Warcraft: Cataclysm has destroyed Azeroth as we know it; nothing is the same! In WoW Insider's Guide to Cataclysm, you can find out everything you need to know about WoW's third expansion, from leveling up a new goblin or worgen to breaking news and strategies on endgame play.

Filed under: Account Security

Blizzard introduces Dial-in Authenticator

If you do not have an authenticator or mobile authenticator on your account, Blizzard has just introduced an alternative. The Dial-in Authenticator, now available for those without authenticators, is a new Battle.net feature that will hopefully help those players who don't have some sort of authenticator already on their account.

Here's how it works. When you sign up, you'll be asked to make a toll-free call from a specific phone of your choosing to authorize login attempts with the battle.net account. You get to assign the phone number that is used, and if there is something unusual about the login attempt on your account, you'll be asked to call the toll-free number to verify you are you. An example of unusual activity would be playing from a different location than you normally do. In other words, if a keylogger gets hold of your account information and attempts to log in, they'll be prompted to call the number -- and they won't be able to go any further, because they don't have your phone and they don't have your PIN. You will only be asked to call if it's an unusual login -- otherwise, you can continue to log in and play with no worries.

The Dial-in Authenticator is currently only open to U.S. residents, and it only covers World of Warcraft accounts -- although Blizzard may update it to cover more countries in the future, as well as StarCraft 2 accounts. In order to sign up for the Dial-in Authenticator, you must log into your account on Battle.net, then go to Security Options and choose to add the Dial-in Authenticator. If you already have an authenticator on your account, you must remove it in order to sign up for the dial-in service; you cannot use more than one security method at a time.

For more information on the service, check out the official FAQ on Blizzard's website.

Filed under: News items, Account Security

Patch 4.0.1 adds new guild UI features


Blizzard has graciously provided a primer on how the guild UI has changed with the advent of patch 4.0.1. We've got the TL;DR for you below, and the full blue post is after the break.
  • You can now view the profession recipes possessed by all guild members, and they're both searchable and sortable.
  • Guild news such as achievements earned, epics found or items crafted is now published in the guild news feed.
  • Guild events can be scheduled through the UI now, much like normal events.
  • The UI for guild ranks and permissions has been streamlined and improved.
  • You can now make certain guild ranks require a Battle.net authenticator!

Read more →

Filed under: News items

Battle.net authenticators limited to one account

Blizzard is changing up the security on their authenticators a bit. This isn't a major change and shouldn't affect that many people. Starting now, if you happen to have multiple Battle.net accounts (not multiple WoW accounts under one Battle.net account), then each account must have its own authenticator. This means if you have separate Battle.net logins for zergrush@somedomain.com and taurenfever@example.com and you want to use an authenticator, you'll need to buy two. If you've just got taurenfever@example.com and all of your games are under that Battle.net login, then you're perfectly fine.

This is not retroactive. If you already have two accounts linked to a single authenticator, everything will still work as it does right now until you unlink that authenticator. The full blue post detailing the changes is behind the cut below.

Read more →

Filed under: News items, Account Security

Email confirmation added to authenticator setup to foil hackers

For a while now, account thieves have been putting authenticators on their stolen accounts to buy more time for their scumbaggery. Blizzard has recently made that more difficult by requiring email confirmation when an authenticator is added to a Battle.net account. Rather than just logging in and putting in the appropriate information, you now have to follow the steps in a confirmation email sent to the address registered in your Battle.net account.

Note: Changing the email address on the account requires not only your password (which the account thieves already have at this point) but also the answer to your security question. So make sure the answer to your security question is not guessable or obtainable by any phishing information. As I have suggested before, if you use a password for your security answer rather than an actual answer, you are adding a very thick level of security. Make it a separate password you use just for security questions, like p45sw0rd (don't use that one).

We don't know how long ago Blizzard added email confirmation The email confirmation has been active since July 27 and we believe it will reduce the workload of Blizzard's customer service. More importantly, this will make getting your account back less painful.

Of course, the best way to prevent someone from stealing your account and then adding an authenticator to it is to put an authenticator on it yourself. There are keyfob and mobile versions available.

[Thanks for the tip, Joel!]

Filed under: Blizzard, News items, Account Security

Reminder: Save your mobile authenticator serial number before you upgrade your iPhone

If you're using a mobile authenticator on any kind of phone or mobile device, it's important to remember that it's fairly easy to ensure that you can use it again quickly after the phone gets any sort of update or patch.

All you need to do is write down the serial number of the authenticator application you have on your phone. This way, if you need to deauthorize for any reason (or an update causes any issues) you can do so quickly and easily at battle.net without having to wait for a phone service call or what have you.

This is particularly important for those folks getting the latest iPhone OS, iOS 4. If the upgrade goes haywire for any reason, you'll likely lose all your data off the phone; including the authenticator serial number. This means if you're going to upgrade your iPhone, iPod Touch, or iPad to iOS 4, you must write down your authenticator serial number to be safe.

Filed under: News items, Account Security

Updates to the iPhone mobile authenticator

Normally we don't get too excited over updates to the Battle.net Mobile Authenticator, but reader El Oreo brought the most recent update to our attention. Version 1.1.0 of the iPhone version of the mobile authenticator contains the following updates:
  • A new "Copy" feature lets you copy the currently displayed authentication code into your device's clipboard. You can then paste it into other text entry fields, such as when accessing Battle.net Account Management on Safari.
  • Miscellaneous UI improvements.
Obviously that second note isn't all that exciting, but I think the first one is worth mentioning. This is a feature users of the mobile authenticator have wanted for awhile, not just for Safari but also for Blizzard's other upcoming app. To be more specific, the Auction House app that Blizzard has recently announced (which I hope and pray is as good as Fallen Earth's mobile app). You'll need to log in to use it, so you'll most certainly need to use the authenticator that's on the exact same phone. Since the iPhone doesn't let you use two applications at the same time, this copy feature is going to be a welcome addition. Sure, you could just remember what the generated code is, but this is 2010. Who remembers things anymore? I have computers for that.

Filed under: News items

The Queue: Keeping it classy


Welcome back to The Queue, WoW.com's daily Q&A column where the WoW.com team answers your questions about the World of Warcraft. Alex Ziebart will be your host today.

We haven't kicked off The Queue with reading music in awhile, so let's change that. Once upon a time I posted some Rhett and Link for you, an internet-based musical comedy duo, and people seemed to enjoy it. So here's more! Behold, the T-Shirt War. T-Shirt War was actually my second choice behind the far more hilarious Butt Drugs, but perhaps Butt Drugs aren't as safe for work. Still, funny stuff. Butt Drugs.

The Queue is actually a bit short today, since a majority of the questions we've been receiving require rolling bones and gazing into a crystal ball to answer. If you have a non-Cataclysm question for us, please ask in the comments below!

busuan asked...

"Why is there almost no sound effect for a warrior's shouts? In Diablo II, the similar shouts come with awesome sound effects. But in WoW, warrior shouts merely generate a visual cue. If Blizzard though effect were annoying to other people, they could have restricted the effects as self-only."

Read more →

Filed under: The Queue

Update: Keylogger source identified


Just a quick update from from our friends at World of Raids about the current situation regarding circumvented authenticators. It appears there are multiple websites being used for this malware. Be careful of which sites you go to in order to update your addons from; fake website addresses are being used to trick users.

For example, one of the fake sources appears as a "Sponsored Link" right at the top of a Google search. Don't actually visit that site and be sure to warn players asking about addons where to go.


What happens is the fake site will allow you to download a fake copy (did you see fake?) of the WowMatrix AddOn Manager which installs the emcor.dll. This Trojan (Malware.NSPack) can currently be detected by Malware Bytes.

Thanks Kody!

Filed under: News items, Account Security

WoW Insider Show 

Subscribe via  iTunes for our latest show.

Hot Topics


 

Upcoming Events

Event Date
Hallow's End 10/18 - 11/1
Day of the Dead 11/1 - 11/3
Darkmoon Faire 11/2 - 11/9
BlizzCon 2014 11/7 - 11/8

Around Azeroth

Around Azeroth

Featured Galleries

It came from the Blog: Pandamonium
The gaming artwork of Jessica Dinh
Mists of Pandaria Raid DPS Analysis
Mists of Pandaria Collector's Edition
Death Knight plague epidemic
Mega Bloks: Goblin Zeppelin Ambush
Mists of Pandaria Beta: Ruins beneath Scarlet Halls
Mists of Pandaria: New warlock pets
Female Pandaren Customization

 

Categories