Filed under: Account Security

How to replace a keyfob authenticator with a smartphone Battle.net authenticator

by Michael Gray Mar 31st 2012 at 6:00PM

I've had my authenticator for years. Taking the sound advice of persons wiser than me, I picked up an authenticator way before it was cool. No hackers or n'er-do-wells were getting into my account and sharding my purples! Those purples vindicate my life choices, and criticizing my life choices is my wife's job, not some random stranger who scammed my password from Facebook!

But like many things in life, this authenticator too must pass. In this specific case, this authenticator must pass between the jaws of my dog. It didn't work so well after Sylvanas got done unleashing some Dark Puppy-level fury on it.

If you too find yourself needing to replace your trusty old authenticator, here's how you get it done. In this case, we're replacing the old sexy keyfob with a new, nearly-as-sexy iPhone authenticator app.

Filed under: Account Security

Reminder: Watch out for Mists of Pandaria beta invite scams

by Anne Stickney Mar 22nd 2012 at 4:00PM

Email notifications for the Mists of Pandaria beta have started arriving in people's inboxes -- and this means that we'll likely see an upswing in beta invite scams, as well. If you have received an email stating that you've been invited to participate in the Mists beta, be aware of the following:

Don't click any link in the email. Blizzard will never ask you for your account information via email, nor will it usually provide any kind of link to click on.
Do head to Battle.net. Type the URL into your browser (don't follow a search or email link) and use the secure login on that page to log into your account.

If you have been invited for the first round of Mists beta, you will see your normal World of Warcraft: Cataclysm account listed under your game accounts -- and underneath that, you will see a listing for World of Warcraft: Mists of Pandaria Beta. If you do not see a link to the Mists of Pandaria beta under your game accounts, you are not in this round of testing, and the email you were sent was a fake.

The same applies with beta keys as well. If you receive a notification with a beta key, do not click on any links in the email. Go to your Battle.net account as listed above, head to Manage My Games, choose Add or Upgrade a Game, and manually enter the beta key. If the beta key works, you're in; if it doesn't work, you may have been the recipient of a fake key.

Remember, any time there is a beta or a trial period for a new game, there will usually be an upswing in attempts to nab accounts, too. Keep your account safe -- and if you made it in the beta, have fun!

It's open warfare between Alliance and Horde in Mists of Pandaria, World of Warcraft's next expansion. Jump into five new levels with new talents and class mechanics, try the new monk class, and create a pandaren character to ally with either Horde or Alliance. Look for expansion basics in our Mists FAQ, or dig into our spring press event coverage for more details!

Filed under: Account Security, Mists of Pandaria

Blizzard discusses Gold Selling and the Guardian Cub

by Matthew Rossi Oct 22nd 2011 at 11:30AM

It wont come as any surprise that the Guardian Cub has been somewhat controversial since it was announced. Now, Blizzard gives a remarkably pragmatic response discussing exactly why this move is being undertaken. As our own Mat McCurley pointed out, this is the first step in an experiment aimed at learning exactly how to curb gold selling. It's not intended to do away with the problem overnight, but rather to help them figure out how.

The complete text of the Blizzard post which you can find here will be posted behind the cut. It's an interesting way to approach the lost time and stress of account hacking.

Filed under: Blizzard, News items, Account Security, Cataclysm

Blizzard releases customer support how-to videos

by Mathew McCurley Sep 15th 2011 at 8:00PM

As part of its continued fight against account hacking and account compromise, Blizzard's customer support department has started a YouTube channel dedicated to hosting how-to videos on security, what to do if your account is hacked, general security tips, and how to use the Battle.net authenticator. Not only are the videos educational and helpful, they are also adorably fun, making security as enjoyable as it possibly can be.

Not only is this an awesome service for Blizzard to put out, the videos offer excellent ideas for online security in general. The tips in the general account security video are great tips to follow, even if you aren't a gamer. Everyone on the internet should be following these security tips. Good on you, Blizzard, for this awesome community service. I don't think we can give the customer support guys enough shout-outs.

Brace yourselves for what could be some of most exciting updates to the game recently with patch 4.3. Look at what's ahead: new item storage options, cross-realm raiding, cosmetic armor skinning and your chance to battle the mighty Deathwing -- from astride his back!

Filed under: Blizzard, Account Security

Hacker groups tried to take down WoW ... and failed

by Adam Holisky Aug 22nd 2011 at 10:30AM

Given the recent hacking of major companies, could WoW be hacked? In an article posted today at Digital Spy, Lead Game Designer Tom Chilton replies that attempts have been made recently, but Blizzard came through unharmed.

While the question and answer doesn't specifically say LulzSec or Anonymous, I think it's safe to assume LulzSec is the group in question, given the recent high-profile attacks on U.S. government sites and other MMOs, like EVE Online.

Most of LulzSec's work has been focused on DDoS attacks and breaking into servers to create "lulz." During their most recent spree, rumors abounded that WoW was a target; however, nothing came of it. It would now appear nothing came of it thanks to Blizzard's security measures.

Tom Chilton

Several major gaming studios have fallen victim to hackers of late. What measure are Blizzard taking to ensure that WoW is not hit?

We have always tried to be as diligent as we possibly can when it comes to security. Certainly when hacking was going on with other companies recently there were numerous attempts against ourselves also. Fortunately, our security was good enough, so we didn't lose data or anything like that.

We always put a high priority on security, but that's not to say you can ever be impregnable. We're not resting on our laurels saying 'they can't get us'. It's always a possibility, and we take it very serious, but so far, so good.

source

Filed under: Blizzard, News items, Account Security

Opt-out option incoming for recent authenticator security change

by Michael Sacco Jul 26th 2011 at 8:00PM

If you follow WoW account security, then you've probably heard about (or personally encountered) a recent change to the way Battle.net authenticator devices work. Basically, when you log into the game, the client attempts to determine if you're logging in from your "home" computer or at least a computer you use regularly. It uses several factors to make this determination, such as your MAC address and your IP address. If the information doesn't indicate that the login is taking place from a safe machine, it'll prompt you for your authenticator code. If it is a safe computer, then you'll only be asked for your code randomly, once a week or so.

The change, aimed to make authenticators less of a hassle for those who log on from the same computer quite a bit, caused an odd uproar on the official forums from players who were worried that this change somehow made their account less secure. Addressing these concerns, Blizzard Community Manager Zarhym announced today that Blizzard is working on providing an opt-out option for this convenience feature.

Details were scarce since, as Zarhym noted, Blizzard hasn't quite nailed down specifics yet, but he assured players that it's something Blizzard's been looking into since the authenticator change was first announced.

The full announcement post and followups are after the break.

Filed under: News items, Account Security

Battle.net authenticator process updated with smarter log-in detection

by Mathew McCurley Jun 16th 2011 at 7:00PM

A substantial updated to the Battle.net authentication system was announced today. Players will soon notice a change to their authenticator log on -- it just might not appear. Blizzard's login servers and authentication system now intelligently track where your account is logging into the game from and, if you're consistently logging in on your home computer, the authentication servers will let you pass, no code needed.

Blizzard wants make the authentication process less intrusive and this is a first step towards that goal. Right now, having to input a code each and every log in is a pain, sure, but it also makes me feel secure. I'm never going to say no to more security, however, and if the system is something that can accurately figure out where I am and let me on, that's great.

This doesn't take into consideration the circumstance where you use an authenticator to prevent access to WoW, even from the home PC. I know some parents who use a simple password that their kids can remember but use the authenticator as the gate to prevent unwanted play. Maybe there will be an opt-out feature of some kind to always ask for the code.

You can check out the Battle.net account security page or check out the Blizzard mobile site for application information. For more information on this specific change to the authenticator system, follow me after the break.

Filed under: Blizzard, Account Security

iPhone Mobile Authenticator temporarily removed from iTunes store

by Anne Stickney Jun 3rd 2011 at 5:00PM

Those players using the iPhone Mobile Authenticator in conjunction with their Warcraft accounts may want to note the latest news from Community Manager Lylirra on the official Blizzard forums. Due to an issue with the latest version of the authenticator, the app has been removed from the iTunes store, to be replaced with a new version at a later date.

Don't panic if you happen to have the authenticator tied to your account -- all current authenticators will continue working as usual, but players looking to download or update the app for their iPhone or iTouch devices will have to wait until the new version is released. Also note that whatever this issue may be, it is not a security issue; your account is perfectly safe.

Follow after the break for the full announcement.

Filed under: News items, Account Security

First Core Hound Pup adoption campaign winners announced

by Mathew McCurley Apr 21st 2011 at 7:00PM

Blizzard's Core Hound Pup Adoption Campaign is giving players the chance to win an iPad as well as boost their own account security. In an effort to get more authenticators attached to accounts, Blizzard ponied up some iPads to get the job done. Each month, a screenshot entry is chosen to win one of 12 iPads. Just take a screenshot of you and your security pup companion doing something crazy, out of the ordinary, or just plain awesome, hit up the contest rules page, and you've got a shot at winning. The first four winners have just been announced and their screenshots released.

Gallery: Core Hound Pup Adoption Campaign Screenshot Winners

Filed under: Contests, Account Security, Cataclysm

Breakfast Topic: Has your account ever been compromised?

by Andrew Ross Apr 19th 2011 at 8:00AM

This Breakfast Topic has been brought to you by Seed, the AOL guest writer program that brings your words to WoW Insider's pages.

Account security is a serious matter in Azeroth. If a player's account is ever compromised, it can be a devastating blow. You work hard to reach the level cap, run the dungeons and raids for the gear your character needs and level your chosen professions. Chances are, you also have a fair amount of gold from questing, dailies, and your professions. If hackers gain access to your account, they wreak havoc while inside, stripping your characters of everything they have, taking all your gold, and selling anything of value.

My account has only been hacked into once, but it was more than enough for me to doublecheck my security settings, wipe my hard drive, and buy an authenticator. When my account was hacked, I was beyond devastated. All of the hard work I put into my characters was gone in an instant. Hackers move a lot like a fire.

Filed under: Breakfast Topics, Account Security, Guest Posts

RSA security hack not affecting Blizzard authenticators

by Mathew McCurley Mar 18th 2011 at 3:30PM

Many people were quick to wonder and worry about whether the recent hacking of the RSA (the security branch of EMC) had the potential of harming Blizzard's authenticators or authentication software. Fear not, as the blues have chimed in with a response:

RSA Hack and Blizzard Authenticators

Pokzin,

The Blizzard Authenticators are based off modified Vasco tokens. I'm sorry to hear about RSA's troubles, but it will not affect the Blizzard Authenticator.

source

It doesn't look like Blizzard will be harmed by this at all. As a reminder, please keep your account safe by not clicking links in emails that don't appear to be from Blizzard, always check your email headers for incoming email addresses, and if you have any questions about whether an email is legitimate, contact Blizzard first. And do please get an authenticator for your account. Check out some of our own security articles here.

Filed under: Blizzard, Account Security

Blizzard posts new account security guide

by Michael Sacco Feb 16th 2011 at 7:00PM

Make no mistake: it really sucks when your WoW account gets compromised. Even with the speed with which compromises are handled by the support department nowadays, it's still a pain to have to wait to get your stuff back -- and it's even worse to know that someone was in there mucking around with your dudes, you know? Blizzard's been better about helping people with account security problems recently, like giving out free authenticators to some hacked accounts and offering a free phone-in authenticator service, but in the end, a lot of the responsibility falls on you the player to keep your account secure.

To that end, Blizzard has assembled a new account security guide. It's a pretty comprehensive list of the steps you can take to secure your account, from getting an authenticator to learning how to recognize phishing emails to making sure that your computer itself is secured through the use of antivirus software. Learn it, live it, love it. In account security, as in Planeteering, the power is yours.

Filed under: News items, Account Security

Win an iPad during Blizzard's Core Hound Pup Adoption Campaign

by Mathew McCurley Jan 27th 2011 at 8:00PM

Blizzard is kicking off a year-long Core Hound Pup adoption campaign and is giving away iPads for the best user-submitted epic screenshots of the Core Hound Pup in action. Two iPads will be given away each month to two lucky screenshot submitters. Follow the link over to the contest rules page, and submit your pictures for a chance at an iPad each month in 2011.

The Core Hound Pup is gained by adding an authenticator to protect your Battle.net account. Every one of your World of Warcraft characters has access to this companion pet.

I think this is a great idea to spread the word about authenticators and account security. Authenticators are the best first line of defense you've got to keeping your account safe, along with safe browsing habits. So do yourself and your players a favor and spread the word about Core Hound Pups and authenticators, and maybe even win an iPad out of the deal.

Contest rules are available here.

If your account is protected by a Battle.net Authenticator or the Battle.net Mobile Authenticator, then you already know how safe and secure your Core Hound Pup pet can make you feel. But there are plenty of players out there who can still benefit from the companionship and peace of mind that our infernal puppy provides.

We're kicking off a Core Hound Pup adoption campaign and we need your help! Simply send us funny, cute, or just plain epic screenshots featuring your fiery two-headed buddy. We'll be picking two of the most memorable images each month in 2011 and awarding the winners with a brand new iPad.

If you have yet to adopt a Core Hound Pup of your very own, then don't wait a moment longer, or we just might have to give you the big puppy-dog eyes. Visit our account security site to learn how to get a Battle.net Authenticator or download the Battle.net Mobile Authenticator, available through our mobile apps page or as a free download from the Apple App Store or the Android Market.

Adopt a puppy! Protect your loots! Win an iPad! Read the contest rules for details and eligibility requirements, and happy screenshotting!

source

World of Warcraft: Cataclysm has destroyed Azeroth as we know it; nothing is the same! In WoW Insider's Guide to Cataclysm, you can find out everything you need to know about WoW's third expansion, from leveling up a new goblin or worgen to breaking news and strategies on endgame play.

Filed under: Account Security

Gawker hack prompts Blizzard to issue password reset

by Adam Holisky Dec 15th 2010 at 12:00AM

The hacking of Gawker websites earlier last week has prompted Blizzard to issue a security alert and emails requesting that certain users reset their Battle.net passwords. These emails, sent to your Battle.net account, request that you log into Blizzard's account management and reset your password via the provided tools.

Earlier we reported these emails as phishing attempts. This turned out to be incorrect. At the time these emails were received by members of our staff, there was no word from Blizzard on them, and such attempts at phishing out WoW account passwords are common after well-known hacking attempts.

Nonetheless, it is imperative that everyone uses an authenticator and employs good password security. Always watch what the links you go to are, and don't use the same password for multiple sites -- especially for your WoW account. If you do have an account with a Gawker website, it's recommended that you reset your Battle.net / World of Warcraft password.

Blizzard's full statement after the break.

Filed under: Account Security

Blizzard introduces Dial-in Authenticator

by Anne Stickney Nov 9th 2010 at 5:40PM

If you do not have an authenticator or mobile authenticator on your account, Blizzard has just introduced an alternative. The Dial-in Authenticator, now available for those without authenticators, is a new Battle.net feature that will hopefully help those players who don't have some sort of authenticator already on their account.

Here's how it works. When you sign up, you'll be asked to make a toll-free call from a specific phone of your choosing to authorize login attempts with the battle.net account. You get to assign the phone number that is used, and if there is something unusual about the login attempt on your account, you'll be asked to call the toll-free number to verify you are you. An example of unusual activity would be playing from a different location than you normally do. In other words, if a keylogger gets hold of your account information and attempts to log in, they'll be prompted to call the number -- and they won't be able to go any further, because they don't have your phone and they don't have your PIN. You will only be asked to call if it's an unusual login -- otherwise, you can continue to log in and play with no worries.

The Dial-in Authenticator is currently only open to U.S. residents, and it only covers World of Warcraft accounts -- although Blizzard may update it to cover more countries in the future, as well as StarCraft 2 accounts. In order to sign up for the Dial-in Authenticator, you must log into your account on Battle.net, then go to Security Options and choose to add the Dial-in Authenticator. If you already have an authenticator on your account, you must remove it in order to sign up for the dial-in service; you cannot use more than one security method at a time.

For more information on the service, check out the official FAQ on Blizzard's website.

Filed under: News items, Account Security

WoW Insider Show

Subscribe via iTunes for our latest show.

Hot Topics

WoW Insider Social Links

Put WoW Insider headlines on your site
Follow WoW Insider on Twitter
Find us on Facebook

Upcoming Events

Event	Date
Darkmoon Faire	5/6 - 5/12
Call to Arms: Twin Peaks	5/11 - 5/14
Call to Arms: Arathi Basin	5/18 - 5/21
Call to Arms: Eye of the Storm	5/25 - 5/28
Call to Arms: Alterac Valley	6/1 - 6/4
Call to Arms: Warsong Gulch	6/8 - 6/11
Call to Arms: Strand of the Ancients	6/15 - 6/18
Midsummer Fire Festival	6/21 - 7/4
Call to Arms: Isle of Conquest	6/22 - 6/25
Call to Arms: The Battle for Gilneas	6/29 - 7/2