This site makes extensive use of JavaScript.
Please enable JavaScript in your browser.
Live
PTR
10.2.5
PTR
10.2.6
Security measures more a problem than a help
Post Reply
Return to board index
Post by
pabadin
which is by the way why i will never buy diablko3. and not only because i hate the camera settings, which in itself is reason enough to stay clear of this game.
no i am talking of the ridiculous security system that seems to be propagating through all the web as an epidemy. you cannot use copy or paste anymore, which is suppose to make it more secure because you cannot just copy your password from a file and paste it. why is it more secure? i mean the only way to remember all the passwords one has to enter nowadays is either to use the same one everywhere, or to write it down somewhere. and where else but on your computer. silly? maybe, but that is the way it just is. so the security system is nothing else but a nuisance trying to make people do something they will never do. Diablo 3 goes beyond that by an infinite distance: it makes it almost impossible to log in more than twice without blocking all your account "due to suspicious activity". the only suspicious activity i ever encountered since i play wow is the security system itself. we need a security system to protect us from the security system!
Post by
Araxom
Hi Pabadin, I believe you're referring to the lock which can happen whenever you attempt to log into any of our newer games from a new computer or location that our system is not familiar with. I just want to put out there that having the free
mobile authenticator
on the account will help to prevent such locks from happening.
If you ever do have any difficulty getting into your account, just let us know. We're happy to help!
(##RESPBREAK##)12##DELIM##Sas148##DELIM##
Post by
524425
This post was from a user who has deleted their account.
Post by
Gumballs
o_O Since when did Wowhead get Blizz employees? :O
And I too get annoyed sometimes at the 'suspicious activity' locks since I often play at home, at school and at my boyfriends. However I know it's Blizzard doing their best to protect my account so I just reset my password and log back in.
As far as I know there's no feature to turn that off. I stopped using a mobile authenticator after some phone problems lead me to be unable to log into my account at all, but you can always get the physical authenticator keychain to use instead if mobile isn't an option!(##RESPBREAK##)12##DELIM##Sas148##DELIM##See
here
our announcement regarding a Blizzard Rep being present on the forums.
Post by
pabadin
Hi Pabadin, I believe you're referring to the lock which can happen whenever you attempt to log into any of our newer games from a new computer or location that our system is not familiar with. I just want to put out there that having the free
mobile authenticator
on the account will help to prevent such locks from happening.
If you ever do have any difficulty getting into your account, just let us know. We're happy to help!
spend even more money? you must be kidding! and why does it work once, and then no more?
as as far as help on the subject, i find game masters very friendly and helpful on all matters. but when it comes to this point all they can do is refer you to the security system, the cause of the problem.
or is selling the authenticator the reason behind all this? the same way some quests are so poorly formulated and directions purposefully vague to bring the players to wowhead and wowwiki where the ads are? is quality consciously being undermined to make other products desirable? nah, let's no be paranoid, shall we?
Post by
Rystrave
It's better safe than sorry. If you really want to play and care about your account, you'd spend the whopping $6 or whatever it is to get an authenticator instead of going out to eat for one meal.
Post by
AnrDaemon
Hi Pabadin, I believe you're referring to the lock which can happen whenever you attempt to log into any of our newer games from a new computer or location that our system is not familiar with.
I've been banned 3 times in a 2 hour time frame for logging into game and account management page at the same time. Because game traffic is going through cheap DSL line, and HTTP traffic is going through more expensive, but more perfomant ISP.
I have since to avoid such escapades, because I'm quite tired already of resetting my password over and over again.
I just want to put out there that having the free
mobile authenticator
on the account will help to prevent such locks from happening.
Translation: Make yourself yet another way to loose your account: by loosing your phone.
May I ask a question: Since when a mobile phone is required to play online game on PC?
It's better safe than sorry. If you really want to play and care about your account, you'd spend the whopping $6 or whatever it is to get an authenticator instead of going out to eat for one meal.
My account password is pretty safe in my head, thanks.
Post by
lonewolfe31705
Removed
@pabadin
Didn't you say like 6 months ago you were going to sto playing wow and anything else made by blizzard? I don't feel like taking the time to go back and look......either way, you have stopped playing and no longer have reason to gripe, or you hate this game so much, you should just stop playing. If all you want to do is QQ, take it to battle.net. I don't know if I speak for everyone or just myself, but I am sick of seeing you whine like a little girl every time you post because blizzard is doing something you don't like.
Edit: notice it says FREE mobile authenticator.....guess you are to busy to notice.
Good day!(##RESPBREAK##)12##DELIM##Sas148##DELIM##There is no need to make statements of this nature, please refrain. Thank you.
Post by
AnrDaemon
lonewolfe31705
, let me make a clear example.
1. Normal security advisory is to use an account identity that is not easily guessed, which implies the suggestion, that it is not relevant to any visible information other people may gather about you.
2. It also in security advisory to never share your service account credentials with anyone. The service employees already know what they need to know, noone else is need to know them besides thieves. And you don't want thieves to know your account information.
In case of WoW, this means, that you would normally use unique login name. BAM, you DISALLOWED to comply with very basic principle of a safe login system, instead, you not only required to use easily guessed or even widely known email address as your login name, but also encouraged to share it through RealID system! What a slap in the face of security advisory! Thanks at least, we're not asked to share our passwords.
But how Blizzard argument such defection from well-established and, to my uneducated mind, sensible advisory suggestions? They tell you to obtain yet another device, just to cover the loss of security they imposed on your account!
Post by
Interest
Hey arax, since I often switch locations how do I turn that off? That feature locking my account was what spurred me to quit a couple years ago. I just have a flip-phone, so no free authenticator, and I can't find the option from the Bnet web page.
I, too, would like some way to shut this off. I can understand why the failsafe is there, but I literally logged in from a couple miles from a location I logged in at and the account got locked. Furthermore, my account got locked even though I have a history of logging in from the specific area over the years. ;o
Post by
821119
This post was from a user who has deleted their account.
Post by
Sas148
It's better safe than sorry. If you really want to play and care about your account, you'd spend the whopping $6 or whatever it is to get an authenticator instead of going out to eat for one meal.
Or just use the free one, right?
Although I have wanted to suggest in the past that Blizzard offer to give new accounts a free keychain mobile authenticator if they agree to an Annual Contract or even Semi-Annual contract, something of that nature could be done or perhaps even offer it (one-time) to people who pay six months upfront. I don't know, it just seems like they could work a free offer in there with some kind of stipulations for those who honestly (for whatever reason) can't handle the very small $6 cost (and, as a side note, the fact that the device is so cheap goes to show that they have no desire in gaining any profit from it, they just want to cover the cost).
Post by
292411
This post was from a user who has deleted their account.
Post by
lonewolfe31705
lonewolfe31705
, let me make a clear example.
1. Normal security advisory is to use an account identity that is not easily guessed, which implies the suggestion, that it is not relevant to any visible information other people may gather about you.
2. It also in security advisory to never share your service account credentials with anyone. The service employees already know what they need to know, noone else is need to know them besides thieves. And you don't want thieves to know your account information.
In case of WoW, this means, that you would normally use unique login name. BAM, you DISALLOWED to comply with very basic principle of a safe login system, instead, you not only required to use easily guessed or even widely known email address as your login name, but also encouraged to share it through RealID system! What a slap in the face of security advisory! Thanks at least, we're not asked to share our passwords.
But how Blizzard argument such defection from well-established and, to my uneducated mind, sensible advisory suggestions? They tell you to obtain yet another device, just to cover the loss of security they imposed on your account!
Or, you can take just a few minutes of your time and make a secondary or tertiary email account that is tied to none of your other WoW related activites. I have an email account made just for using as my WoW email. It took about 2 minutes to set up and never gets used except to log into WoW or the support site.
As for being encouraged to share your email via RealID, if you are worried that the other person is going to hack your account, then you probably shouldn't be giving them that information. (Which is part of the reason they made Battle Tags.) Also, after you add someone via RealID, you never see their email address again, nor can you see the emails of anyone on their friends list or visa versa.
I, too, would like some way to shut this off. I can understand why the failsafe is there, but I literally logged in from a couple miles from a location I logged in at and the account got locked. Furthermore, my account got locked even though I have a history of logging in from the specific area over the years. ;o
I actually log in from a wide variety of places due to traveling for work and because i spent 4 bucks on an authenticator I never have an issue. It has also learned the 4 primary areas my account will log in from and no longer flags them for being different than my home address.
Post by
JPaterson
May I ask a question: Since when a mobile phone is required to play online game on PC?
It's not required. The mobile authenticator, as well as the keychain one, are optional.
Therefore, a mobile phone is NOT required to play online games.
Post by
wrlwnd
As I have stated several times over the past while and others in this thread have said, I travel sometimes for work and this happens. I can understand the security idea when I log in from Indiana, New Mexico and then in Canada in the period of 6 days. Each of these times I had to do the reset password scenario and appreciate that they are attempting to protect my account, having been hacked once before. With the capabilities of the mobile authenticator and SMS protect it is getting there.
Having said all that there is still one issue that disturbs me on the security front with blizzard, that being passwords are case insensitive O_O. In my research into internet security this is not good as it limits the number of possible characters available for use.
Yes, security is a pain when you have to remember 16 passwords for various servers at work and then tack on to that that multitude of websites, email accounts, games and so forth, but there are several ways to utilize similar passwords that are actually unique and easily remembered.
Post by
pabadin
the authenticator is certainly not expensive, the fact that it is needed is what i don't agree with. and 6 bucks times a couple millions is a great motivator for blizzard to have a security system that locks accounts for no reason. i love the game but i really do not trust the company. sue me or shoot me.(##RESPBREAK##)16##DELIM##asakawa##DELIM##Please don't circumvent the language filter. Even in subtle ways.
Post by
Gumballs
Except for it is NOT needed. It's just an extra security feature. If you cannot get the mobile one and refuse to get the (very cheap) normal one, then I honestly don't know what you are complaining about. It's your choice.
Post by
ElhonnaDS
There was a period of time when I also had to change my password every week because I kept traveling around, so I can understand it can be a hassle. But, I imagine it's quite a bit of hassle to have to reconstruct your account if it gets deleted, if your items get sold off and your gold sent to another server. I also know that an inexperienced or younger player may not be familiar with the number of ways you can get keyloggers. They may not be suspicious of a fake e-mail about their account and check the link, they may not know that banner ads for guides about the game on other sites are bogus, etc. This is most useful for those players, I think, but not a bad idea in general.
I think two of the most common complaints I have seen in the past are about whether or not Blizzard is working to stop gold-sellers/hackers and how long it can take for someone to respond to a ticket. It seems that this measure is an answer to both. If someone physically can't log into your account from a computer that isn't yours unless they go through hoops, then it has to cut down on the damage they can do and the gold they can make from stealing account info. And if there are automated systems in place to prevent the most time consuming problems that have to be addressed through the ticket system, those would then free up resources to deal with other tickets.
Also, I find it to be kind of a funny assertion that people can't remember more than 1 password without writing it down. I myself have 2-3 for work related accounts, and 4-5 for personal accounts, and don't have any issues. I have a single one for stuff I consider to be unimportant- signing up for humor websites and the like- and then I have one for my e-mail and a different one for each MMO I play. And then all of my work accounts are on separate passwords. And even if you did have to, you could store them in your phone or keep the piece of paper in your wallet. I fail to see how the difference between physically typing your password, and being able to copy paste from a file on your computer is worth complaining about from a player standpoint. However, I can see how not encouraging people to keep computer files with their passwords written in them could be beneficial from a security standpoint.
@Pabadin- It isn't needed. What you're complaining about is that you don't like the alternative to it. They have set up a system where you can either deal with a lock on unfamiliar computers to prove it is you, or get an authenticator to bypass the lock because merely having the authenticator proves it's you. The program is free on a smart phone, or $6 bucks without. But that $6 includes the shipping, the materials and the labor- I can't see that there's a lot of profit margin in there (especially since I know what shipping costs are currently as part of my own job). The real financial incentive is the amount of money they save not having to pay people to restore hacked accounts, and to that end making a system that makes it difficult to access an account from a different computer without some further evidence that it's the actual account owner makes a lot of sense.(##RESPBREAK##)8##DELIM##ElhonnaDS##DELIM##
Post by
pabadin
you will excuse me if i don't believe all those horror stories about accounts being hacked. one simple argument for my doubt is this: every now and then people, including me, get whispers from somebody using blizzard in the name, and telling them that there is a security issue with their account and they should log in to a specific site. it is of course a bogus message. but what i don't understand is why such messages are not intercepted by the system, how somebody could use blizzard as part of his name without all the bells starting to toll. so then i think, maybe it is not a scam, at least not from third parties... maybe blizzard is creating this paranoia, or at least feeding it. yeah i know, i don't trust blizzard, and that makes me a suspicious character.
Post Reply
You are not logged in. Please
log in
to post a reply or
register
if you don't already have an account.