Two-Factor Authentication Comes to WoW
Results 1 to 9 of 9

Thread: Two-Factor Authentication Comes to WoW

  1. #1
    Senior Member phernandez's Avatar
    Join Date
    Aug 2003
    Location
    NYC
    Posts
    246

    Two-Factor Authentication Comes to WoW

    Apparently sick of dealing with hacked accounts, Blizzard adds two-factor authentication. The future of MMO security?

    Blizzard Authenticator passcode token adds anti-theft enchantment to your World of Warcraft account - Engadget

    Fear not, vulnerable World of Warcraft denizens, for Blizzard is here to sell you the $6.50 "Blizzard Authenticator" dongle. Reacting to an upswing in account theft incidents, Blizzard has released a security token that allows hardcore users to add another layer of protection to their high-level (and attractive) characters.

  2. #2
    Senior Member
    Join Date
    Feb 2002
    Posts
    500
    I'm all for more security on things you have to pay for, especially monthly, but couldn't they have just implemented a simpler (free) solution? Like maybe even something as simple as an authentication code sent to an email that has to be entered before the logon is completed, sort of like signing up for a forum? I'm sure there are many other (much better) ideas that cost no money and could increase security.

    Or maybe they just want more money...
    Ron Paul: Hope for America
    http://www.ronpaul2008.com/

  3. #3
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    couldn't they have just implemented a simpler (free) solution?
    Sorry pal that is just too damn cheap for my taste................ hell what do you get for $6.50 these days...... I would guess that the battery for the damn thing must cost at least $3?

    I suspect that $6.50 is about cost price?.............. not sure about shipping?

    I have not seen any evidence that the game promoter is at fault, so why should they incur the cost?

    Anyway, you don't have to buy it.........it is up to you?

    EDIT:

    What a bummer, they have sold out!
    Last edited by nihil; July 1st, 2008 at 11:58 PM.

  4. #4
    Only african to own a PC! Cider's Avatar
    Join Date
    Jun 2003
    Location
    Israel
    Posts
    1,683
    To be honest, I have played wow for quite long and they should implement this for free.

    They make so much money off the monthly subscriptions.

    I dont see banks charging us for "insurance" if the money gets stolen.

    I suppose it comes through bank charges but they must protrect their customers.

    You can argue that they are doing that with this but it is not free.

    Sigh. MMO monopoly. Anyway im playing Age of conan now so im sure it will happen.
    Last edited by Cider; July 2nd, 2008 at 09:13 AM.
    The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
    Albert Einstein

  5. #5
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    Nope, you don't see the reason behind the charge do you? It is not to make money, the amount is way too small.

    1. By forcing people to apply and make a payment for something you deter "time wasters". Trust me, a lot of people would want a kewl key-ring ornament if it were free, but would not be prepared to pay $6.50

    2. By forcing a payment you are forcing a confirmation of identity, which you really should do before handing out a security device?

    Both are pretty standard business practices Worldwide.

  6. #6
    Only african to own a PC! Cider's Avatar
    Join Date
    Jun 2003
    Location
    Israel
    Posts
    1,683
    Hey Nihil -

    By forcing a payment you are forcing a confirmation of identity, which you really should do before handing out a security device?
    Please elaborate on this ...
    The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
    Albert Einstein

  7. #7
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    OK mate

    If I make a purchase over the internet then I have to provide some details of my payment method, and the vendor goes to collect from my account. These details tie straight back to me, and I had better get the billing details correct or the transaction will be rejected.

  8. #8
    Senior Member
    Join Date
    Feb 2002
    Posts
    500
    While the price is low, it isn't the amount that was bothering me, it was the fact that there was any amount at all. While there are probably a thousand different ways to verify something, they choose a way that required a hardware piece. My question (point) was, doesn't anyone agree that there is probably a way that is just as effective that doesn't require a hardware piece, thus, avoiding a charge all together.
    Nihil, the verifacation you speak of is a good argument in favor of their choice. I'd like to hear other opinions on both sides.
    My profit comment was probably a bit overboard, I was in a mood...
    Ron Paul: Hope for America
    http://www.ronpaul2008.com/

  9. #9
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    Several years ago I worked in a place where we had RSA tokens like these ones. I was told it would cost me 20 if I lost it...... I would guess that would be around $50 these days? So it doesn't look as if the $6.50 really covers the cost.

    doesn't anyone agree that there is probably a way that is just as effective that doesn't require a hardware piece, thus, avoiding a charge all together.
    I don't think so. This security method is based on something you know and something you have. So it must be partly physical.

    The device provides a one time authentication that it periodically renews.

    You have physical control over it.

    It is eminently portable.

    Anything sent over the internet is insecure and liable to identity theft. That is how many of these hijackings take place today. All someone has to do is wait for you to be offline and go and impersonate you and your account is owned.

    Think "keyloggers" or insecure WiFi?

    I am sure that Blizzard or their consultants will have looked at all the options and would have selected a lower cost one if it were available. I am certain that the payment is to deter timewasters and authenticate who gets the token.

    In the final analysis, Blizzard are not responsible for your computer getting owned, your details being intercepted or you falling for a phishing scam, are they?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •