Skip to Content

WoW Insider has the latest on the Mists of Pandaria!

Posts with tag blizzard-authenticator

Reaching Blizzard support if you can't log in

Earlier this year, Blizzard launched a new Support Callback feature that allowed players with account issues to simply fill out a form and wait for a callback from support. This was a fantastic move in terms of getting rid of the need to spend hours on hold -- but it did have some players concerned and wondering how, exactly, one was supposed to contact support if one was locked out of their account and could not access the appropriate page.

Customer Support representative Araxom has written up a response to just that particular situation over on Reddit. If you cannot access your account, or log into, there is a support page that will still allow you to live chat with customer service, set up a callback, or even submit a ticket, all without having to log in. Although callbacks and live chat may not be available every hour of every day, you can still submit a ticket with this method and get a response in a reasonable amount of time. And remember -- if you're worried about account security, picking up an Authenticator is always an excellent idea.

Filed under: Account Security

Authenticator problems? You'll need to contact support

Removing an authenticator from your account is pretty easy -- so long as you have the authenticator handy. But if you don't -- like if you've upgraded your smartphone and your mobile authenticator doesn't work anymore -- then you've got a bit more trouble ahead. Usually Blizzard has an online form to help you out of a problem like this, but the form is currently MIA which makes getting help a bit harder.

Blizzard is working to get the page back online, but in the meanwhile, you'll have to resort to contacting customer support directly for help. Customer Support rep Araxom says anyone having trouble removing an authenticator will need to contact support using one of the methods at the bottom of the support page -- which means you can open a ticket, set up a phone callback, or jump into a live chat. None of these methods are instant, but they will wind up getting you the authenticator help you need without too much of a wait.

Just remember to add a new authenticator once you've removed this one -- it's a security feature you won't regret having.

Filed under: Account Security

Opt-out option incoming for recent authenticator security change

If you follow WoW account security, then you've probably heard about (or personally encountered) a recent change to the way authenticator devices work. Basically, when you log into the game, the client attempts to determine if you're logging in from your "home" computer or at least a computer you use regularly. It uses several factors to make this determination, such as your MAC address and your IP address. If the information doesn't indicate that the login is taking place from a safe machine, it'll prompt you for your authenticator code. If it is a safe computer, then you'll only be asked for your code randomly, once a week or so.

The change, aimed to make authenticators less of a hassle for those who log on from the same computer quite a bit, caused an odd uproar on the official forums from players who were worried that this change somehow made their account less secure. Addressing these concerns, Blizzard Community Manager Zarhym announced today that Blizzard is working on providing an opt-out option for this convenience feature.

Details were scarce since, as Zarhym noted, Blizzard hasn't quite nailed down specifics yet, but he assured players that it's something Blizzard's been looking into since the authenticator change was first announced.

The full announcement post and followups are after the break.

Read more →

Filed under: News items, Account Security Mobile Authenticator now available for Windows 7 Phones

Android and iOS device users have had the luxury of using the Mobile Authenticator, a software version of Blizzard's downright necessary keyfob authenticator, on their phones or tablets for a while now. As of today, Windows 7 Phone users can also take advantage of the Mobile Authenticator by downloading it from the Windows Phone Marketplace.

At this point, there's pretty much no reason not to have an authenticator -- they're 6 bucks and free to ship for a physical device and no cost at all for a software version available for every major mobile platform. Just get it! Mobile Authenticator for Windows® Phone 7 Devices
The Mobile Authenticator, an application for mobile phones that provides an extra layer of account security, is now available as a free download for Windows® Phone 7 devices on the Windows Phone Marketplace. The Mobile Authenticator provides a one-time password that you use in addition to your regular account name and password when you log in to a account to play World of Warcraft or StarCraft II.
Versions for other mobile devices are also available for download here, or you can purchase a physical Authenticator from the online Blizzard Store. Visit the Mobile Authenticator FAQ for more information, or head to the setup page to get started after you've downloaded the application.
For additional account security advice, check out our Account Security page. authenticator process updated with smarter log-in detection

A substantial updated to the authentication system was announced today. Players will soon notice a change to their authenticator log on -- it just might not appear. Blizzard's login servers and authentication system now intelligently track where your account is logging into the game from and, if you're consistently logging in on your home computer, the authentication servers will let you pass, no code needed.

Blizzard wants make the authentication process less intrusive and this is a first step towards that goal. Right now, having to input a code each and every log in is a pain, sure, but it also makes me feel secure. I'm never going to say no to more security, however, and if the system is something that can accurately figure out where I am and let me on, that's great.

This doesn't take into consideration the circumstance where you use an authenticator to prevent access to WoW, even from the home PC. I know some parents who use a simple password that their kids can remember but use the authenticator as the gate to prevent unwanted play. Maybe there will be an opt-out feature of some kind to always ask for the code.

You can check out the account security page or check out the Blizzard mobile site for application information. For more information on this specific change to the authenticator system, follow me after the break.

Read more →

Filed under: Blizzard, Account Security

Blizzard giving serious consideration to mandatory authenticators has learned through trusted sources close to the situation that Blizzard is giving serious consideration to making authenticators mandatory on all accounts. According to our sources, while this policy has not been implemented yet and the details are not finalized, it is a virtually forgone conclusion that it will happen.

This response is a direct effort to stop the massive number of compromised accounts by gold sellers and keyloggers. The seriousness of the situation with compromised accounts has reached such a level that wait times for item and character restoration are entirely unacceptable, even to Blizzard executives. Blizzard has taken other internal measures to deal with long wait times of people in account restoration queues, and we'll be covering those measures tomorrow.

However, with the inclusion of mandatory authenticators, this should solve a major problem for Blizzard's support and account administration teams.

Read more →

Filed under: Blizzard, News items, Account Security

New computer shipped with malware that targeted WoW

Here's a big oops -- a company named M&A Technology accidentally shipped out a unit of their Companion Touch PC that contained some malware on it, including a password stealer that targeted World of Warcraft. It was an accident -- apparently someone at the factory decided to upgrade the computer's drivers and software before shipping it out, but they used a USB stick that had been infected with the bad apps, and thus in the process infected the brand new computer. Fortunately, the person who received the computer apparently scanned and caught the bad code before any damage was done -- I guess if you buy a computer from a brand you've never heard of, it's worth giving it an antivirus and malware scan at least once before you use it.

And/or you can just use an authenticator -- even if someone nabs your password, the Blizzard Authenticator makes sure that they can't log in without a current code. So there's not too much to worry about here -- while computers do occasionally get shipped with software that could jeopardize your security, as long as you're vigilant about what's on your hard drive, and take caution before using apps and hardware that you've never used before, you generally won't have any problems.

[via WoW LJ]

Filed under: Patches, Analysis / Opinion, Odds and ends, Hardware

Authenticators are back in stock, git 'em boys!

Who doesn't love themselves some authentication goodness?

I sure do!

You following me camera guy?

For those of you who don't have an authenticator yet, you now can get one from the Blizzard Store. They are back in stock, hurry up and get them while you still can. The other option is to download it onto your iPod Touch or iPhone and enjoy your security that way.

Many users sent us this tip in over the last twenty-four hours, so be sure to order yours now if you want it!

Filed under: News items, Account Security

Blizzard Authenticator (temporarily) gone from Blizzard Store

Update: And, of course, as this is posted, we are pointed in the direction of a thread on the Customer Service forums indicating that this is, indeed, an error. It's currently out of stock and should be displaying as such, but the item is simply not displaying at all instead. It will return when it's in stock. Thank you to those that pointed this out.

Original Article: We held off on reporting this for a few days, just in case it were a glitch or accident on Blizzard's end (making a mountain out of a molehill makes us all look silly), but it's been this way for long enough that it's worth mentioning: The Authenticator is no longer in the Blizzard Store. Previous bookmarks and links to the item are broken, and searching for it yields nothing but broken dreams.

Oddly, this happened in lockstep with the news that the Mobile Authenticator was available. Whether it was coincidental or intentional, we don't really now, but I think it's a pretty odd choice! It seems like an indication that they don't intend to stock them again. That's disappointing, to say the least. Blizzard hasn't pulled profit on either the Mobile or Physical authenticators, so I can understand wanting to cut costs by stopping production and distribution of the physical authenticators, if that is what they're doing. It's still disappointing, because I have serious doubts that everyone who wants/needs an authenticator has an iPhone/iTouch for the mobile app.

No business, even one as successful as Blizzard, wants to sell something at a loss. Blizzard has made it clear that they don't want to charge for the opt-in authenticator service. From a purely financial view, I can see why they would pull it. As a player, I really wish they didn't.

Filed under: Analysis / Opinion, Blizzard, Account Security

Account security mythbusting

So, you might have noticed the increased number of warnings and advice from Blizzard regarding account security lately. They've even popped up in the game itself, as a server message when you first log in. Needless to say, this has caused no dearth of consternation in the WoW community (read: people be trippin').

So, why the sudden notices? Has something changed? Has Blizzard lost their footing in the war against hackers and gold farmers? Is Blizzard in cahoots with them? What's this itchy pentagram-shaped rash I've developed?

Now, there's a lot I can't talk about regarding this stuff, and certainly not for any sinister reason. It's a selfish reason, though, that being that I really like not getting sued. I can, however, use my experience and knowledge to bust or confirm some common account security myths. Ready?

I'm a trained professional. Don't try this at home!

Read more →

Filed under: Analysis / Opinion, Account Security

Countdown to Wrath Giveaway: Day 6 - BlizzCon Aunthenticators

The Countdown to Wrath Giveaways continue. Today we are giving away not just any Authenticator, but the BlizzCon 2008 Special Edition Authenticator. And we have four to hand out to the winners.

To enter, leave a comment on this post before Saturday, November 8, 2008 at 12pm ET (noon). Four winners will be chosen randomly and each will receive a BlizzCon 2008 Special Edition Authenticator (valued at $6.50). You must be at least 18 to enter and a legal resident of the United States or non-Quebec resident of Canada. You can only enter once. Click here for complete Official Rules.

More giveaways are coming every day. Prizes include Upper Deck loot cards, more BlizzCon Polar Bear mounts, more Wrath Collector's edition boxes and a complete BlizzCon swag bag.

EDIT: Giveaway closed to further entries. We'll be contacting the winner soon. Good luck to all who entered. Be on the lookout for more contests every day until Wrath launch!

Filed under: Contests

International Space Station has a keylogger

NASA has confirmed that the International Space Station has been infected by a keylogger. It was carried onto the station by an astronaut's laptop back in July. The keylogger in question is the W32.Gammima.AG -- which is specifically a gaming keylogger. In other words, the ISS has the exact kind of keylogger that plagues so many of us in WoW.

NASA describes the keylogger as merely a "nuisance," but at least two of the laptops on board had the virus. That probably means it arrived on one laptop, and a removable device like a thumb drive carried it to another. Kelly Humphries, a NASA spokesperson, said "This is not the first time we have had a worm or a virus. It's not a frequent occurrence, but this isn't the first time."

For security reasons, Humphries couldn't say whether mission-critical systems were affected by the keylogger. NASA is working with its Russian partners to figure out how the virus got space-born.

Here's hoping the International Space Station has their Blizzard Authenticators installed properly.

Filed under: News items, Account Security

Authenticator failure revisited, Blizzard responds

We created a lot of waves with this post about Blizzard's Authenticator key allegedly failing -- as you know if you've been listening to the podcast, lots of people have emailed us with their own input on the situation, alternately thanking us for making it known that the Authenticator wasn't 100% secure, and lambasting us for being "ignorant" about how Blizzard's security token works. At the base of the story, there are two things we know are true: that someone was using the Authenticator on their account, and then was subsequently hacked. For that reason, we've stood by the "Authenticator fails" story -- while having an Authenticator on your account is a helpful line of defense, it, like all other computer security measures, isn't a 100% guarantee against getting hacked.

Most people agree on that. Where opinions differ are in how the account was hacked -- originally, we and a few other sources speculated that the Authenticator had been somehow removed from the account in question. But now Belfaire has responded (we believe to the incident in question, though a link to our story was removed from the original post), and says that as far as he can tell, the Authenticator was not removed from the account. In fact, after the password was changed back, the Authenticator's serial key was asked for and given, so the Authenticator remained attached to the account the whole time.

Of course, that just leaves the most important question: how did the account get hacked? We've heard all kinds of various insights as to how the Authenticator works (it only lasts for 60 seconds, supposedly each key can only be used once, so there's no way a keylogger could nab the Authenticator code and reuse it), but the fact remains that the person we're talking about was using the key, and still got hacked. One hack out of all the Authenticators sold so far is a terrific record, and could prove that, statistically, an Authenticator is good as 100% security. But the fact remains that this person got hacked while using the key (however it was done), and if security can be broken once, it will be broken again.

Filed under: Items, Analysis / Opinion, Blizzard, News items, Account Security

Authenticator fails, removed from account without user's permission

Editor's Note: This entire situation has been debunked. The authenticator was not hacked, compromised, or forcefully removed. The account had been shared, and the authenticator along with it. Authenticators do not offer any security if you give it away. If you're worried about other account security myths, our own Michael Sacco has tackled them in a mythbusting series.

Think a Blizzard Authenticator will keep your account from being hacked? Think again -- we've got our first known report of someone who was protecting their account with one of Blizzard's keys, and still got their character hacked down to their undies. Someone in this forum thread apparently logged out one night and logged on the next morning to find her account stripped of everything but PvP gear, and her Authenticator no longer connected to her account.

Supposedly, to deactivate an Authenticator from an account, you need to get in touch with Billing services, and reportedly they'll then ask for a notarized statement with a picture, like a driver's license, just to remove the Authenticator. But obviously, this one was removed even without that, and we're being told that all you might need to remove the Authenticator is the answer to the user's secret question and a CD key (or even less). In other words, the fault isn't with the technology, it seems to be with the support reps on Blizzard's side of the phone line -- if they can be convinced to remove the Authenticator, the account can then be hacked.

The little keys have been selling like hotcakes since they were released -- almost everyone has figured that $6.50 was cheap for peace of mind. But while an Authenticator still does provide an extra step in security, the sad truth is that it hardly makes an account impermeable.

[Via BRK]

Filed under: Analysis / Opinion, Blizzard, Forums, Account Security

Activating the Authenticator

The Blizzard Authenticator is currently sold out on the Blizzard Store. I'm sure there will be plenty more to come, when they're ready. I bought one as soon as I heard they were available. Although my experience with the Blizzard Store was not great, it was certainly better than some others. After my order was placed, every time I checked on in, I what appeared to be a rag doll murloc who informed me that an error occurred on the page.

My authenticator has arrived. Thanks to the free shipping from the Blizzard online store, I saved $0.59 in United States Postal Service postage. To be honest, I'm just glad to have my security token. The token come with a single piece of documentation, which directs the user to the security token FAQ page.

I expected the authenticator to be slightly larger. It's approximately the same size as the clicker for my Mustang. I have not yet devised a tether for it, but the device will soon be leashed to my computer.

Read more →

Filed under: How-tos, Blizzard, Account Security

Around Azeroth

Around Azeroth

Featured Galleries

It came from the Blog: Occupy Orgrimmar
Midsummer Flamefest 2013
Running of the Orphans 2013
World of Warcraft Tattoos
HearthStone Sample Cards
HearthStone Concept Art
It came from the Blog: Lunar Lunacy 2013
Art of Blizzard Gallery Opening