Lets just see how many actually uses the blizzard authenticator.. I heard even with blizzard authenticator got hacked..

i use capalang phone can use this meh?

This post has been edited by DrLaboo: May 22 2012, 11:16 AM

whaz is blizzhurrdurr??

You dont have an option of

"No, I dont use an authenticator."

yah..agree. but how bout the sms alert? that one not authenticator right?

no smart phone...guess i'll go have a look at the sms alert see can use on my fon anot

The authenticator app is something you download for your android/iPhone device, which provides you with a code every time you log in. Its very different from the SMS alert thingy. That one only sends you an SMS when you change your account password or transfer money off your account to paypal, kinda like what most banks do now with regards to online transactions.

i use the smartphone authenticator. seems that can be hacked too, but nevertheless added security

I'm using physical one

Gotten a core hound pet for my WoW account as well

Im using the phone authenticator plus the SMS alert just for extra protection... I think Blizzard should be having a lot of complaints on this hacking issue...

how this authentication work ah actually???? each time i login to diablo 3 game i need to get the passcode?? or only needed when i login to www.battle.net?

bro,

is there any charges from the telco side for SMS received?

for login diablo,it didnt ask u for the authenticator number,only when login to bnet account and wow.
oh im using physical authenticator after my wow got hacked couple years back.

This post has been edited by athlonmax: May 22 2012, 02:43 PM

you can select in the settings if you want it to auth everytime you login (d3, b.net, wow, etc) or everyweek.

but just a note, the authenticator IS NOT fool-proof. it's been defeated before, and WILL be defeated again.

wanna know why those haxxors need a maximum of 2 mins to clear out your account, even with the auth?

it's because the way blizzard uses the auth. everytime it generates a code, you have a few seconds (20-30 secs?) until it generates a new one.

but even if the code has expired after 30 secs, you still can use it. i think there is a grace period of 60-120secs before the code truly expires on b.net's side.

so a hacker can get your code with the MITM method (or some other exploit), login, change your password, add you as a friend, clean up account, and bye bye. all in under 2 minutes.

but however it is, no authenticator can be stronger than good logic - update antivirus, don't reuse your password with email, stop running unneeded programs/apps while playing, etc. it may be a hassle to you, but remember you only need to be screwed once.

This post has been edited by C-Fu: May 22 2012, 02:57 PM

seems like clean habits without authenticator is better.

Im not sure is there any charges or not. Will check next month's bill statement. If there are charges, shouldnt be much and Im expecting it to be free.

better yeah, but like i said, you only need to be screwed once. then you're on the other side of the "battle" already

having more security is good, but nothing beats safe surfing. i personally would still recommend having beefed-up security that blizzard offers than none/little at all. reading up at blizzard forum on people's issues is making me (slightly) paranoid not to mention having a friend who got screwed as well, but probably not through hacking, but some server-side issues.

lyn is an open forum, anybody can read comments, especially that "post your battletag" thread. you never know who reads them and posts there

This post has been edited by C-Fu: May 22 2012, 03:42 PM

eh read this
it is problem on server.

blizzard's battle.net server not secure enough.
dafuq is this.

yeah, i know about that issue. time and history have shown that blizzard/activision will keep their mouth shut whenever they have problems (in a good or bad way) until shit hits the fan my best guess would be that they were trained by our Malaysian politicians


with the money pouring in, it's a surprise why they won't implement a machine auth feature like facebook where if you logged in using some unknown/new device, it'll send you an sms asking you to verify. it's a very simple and effective tool to prevent account takeovers in facebook/gmail/etc, and yet nobody there seems to care.

This post has been edited by C-Fu: May 22 2012, 03:50 PM

i use both mobile & blizz auth along with keyscrambler & zemana antikeylogger

Here is some tips for you guys who may not know about the authenticator.

http://itunes.apple.com/us/app/battle.net-...d306862897?mt=8 <- for I Devices
https://play.google.com/store/apps/details?...zzard.bma&hl=en <- for Android

Purpose of using the apps/tools is to authenticate the genius account holder.

so far im using it to avoid attackers such as the exploit (happen before when i was playing my wow in one of the cc, acc was been hacked) after i have using the authenticator there was no issue.

Based on "C-Fu" mention about the hacker take advantage of the changing time of the running number to be changed yes this might happen that y the be implementing SMS alert.

i think they have doing some research to releasing the tools (not making for fun).

is just for additional security only


but one importing that mention by "Deimos Tel`Arin" is good to have clean practice to perform login by changing the password frequently to avoid been hacked.

enjoy the game and have a secure log in


Cheers

hey , check out the sms thing also.

http://us.battle.net/support/en/article/ba...net-sms-protect

if hack then i dont play lor if they no retrieve

I started to use phone one since a year ago play WoW, good to improve account security.