BLIZZARD® AUTHENTICATOR OFFERS ENHANCED SECURITY FOR WORLD OF WARCRAFT® ACCOUNTS
Keychain token generates unique codes used to help prevent unauthorized account access
IRVINE, Calif. –- June 26, 2008 -– Blizzard Entertainment, Inc. today introduced an optional extra layer of security for World of Warcraft®, its award-winning massively multiplayer online role-playing game. Designed to attach to a keychain, the lightweight and waterproof Blizzard® Authenticator is an electronic device that generates a six-digit security code at the press of a button. This code is unique, valid only once, and active for a limited time; it must be provided along with the account name and password when signing in to the World of Warcraft account linked to it.
To learn more about the Blizzard Authenticator, please visit [www.blizzard.com].
This is fantastic.
Yes, people can easily get by the way I have – running Firefox with Adblock and NoScript and being as insanely cautious as humanly possible to avoid clicking on the wrong link that will send your main to his skivvies. It works, it’s tried and true, and it’s as strong as the person running it.
But we all make mistakes, don’t we?
Having this little bit in my hand – or even sitting on my monitor – will make me feel 50% better about the security of my account (yes, I calculated). I don’t have to fret that NoScript might have missed one little line of code that’s going to drain the coffers of my vanity guild bank. Without this hunk of password-generating awesomeness, no hacker’s going to get into my account.
For me, this’ll be great. But let’s take a step back, shall we?
Take a basic WoW player, for example. They play maybe, oh, once a week. They have one character they’ve worked on for years, or a smattering of lower-leveled ones. They likely don’t have access to a huge guild’s treasure trove, nor are they decked out in expensive epics. Even if they did get hacked, the hacker would most likely move on before bothering to launder that haul.
These are guesses, mind you – feel free to provide proof to the contrary! 
Then we have our standard player. They might know not to give their password out to just anyone – but they might fall for the ‘your account is being traded’ email scam, or click the wrong link (repeatedly) and have their account hijacked. The authenticator can help prevent that, yes – but it won’t safeguard against a vindictive sibling or plain absentmindedness. Which reminds me: how well will that thing handle a cycle or two in the washing machine?
If you head to the information page, you’ll see that there is a system in place for recovering your account should you lose your security gizmo. I’m sure that within a month after their release, though, the “omg my dog ate my dongle” posts will start to trickle into the CSF, and I’ll know the system inside and out.
Until then, I look forward to snatching one of these things for my sanity and ease of mind.
:: eyes her cat warily ::
…better keep it up high, though.
Tags: account security, Breaking news
June 27, 2008 at 9:50 am |
Well, this sounds very similar to RSA tokens that companies use to verify users on a VPN. Assuming thats accurate they are two things. Extremely durable and very expensive (100USD a pop). RSA tokens can be washed, dried, buried, stabbed, eaten, excreted, and all sorts of other fun stuff and they’ll keep ticking. The only way I’ve managed to disable one is either the battery dieing (takes years) or manually disassembling the thing forcibly (they aren’t designed to be taken apart at all, and if you do manage to open it up it self destructs).