Battle.NET account + Blizzard Authenticator + today = fail

[Otlecs]

The move to a proper one-time key is a Good Thing, but to make it more bearable for us, they really do need to improve the authenticator to generate a new code every time it's cycled!

[aboron]

The move to a proper one-time key is a Good Thing, but to make it more bearable for us, they really do need to improve the authenticator to generate a new code every time it's cycled!

The way (i'm fairly sure) the authentication works is that the keychain unit and the auth server create a new valid agreed upon key every 30 seconds. This key is valid for a try made in that 30 second block and is based on the authenticator serial number and the time/day plus some other constant numbers no one else is likely to know.

Since the server has no way of knowing if you pressed the button, there is no way it can be made to accept a different number until the 30 seconds go by and it moves on to the next one. They could make both sides change numbers more frequently, but then you would have less time to type in the correct number before it expires. (there is probably also some tracking server side for the previous and next valid numbers to account for the timebase drift that likely happens on the keychain unit, since it is bound to be significant and would vary with temperature and such)

I have a similar unit to this for my etrade account and it does't bother with the button, it just always shows the current valid number, and a little countdown bar showing how much longer until it changes.

[Targ]

Pushing the button just causes the Display to turn on, the code that is displayed is an encription of the Time of Day (likely rounded to 30 sec) and the Fob serial number.

(there is probably also some tracking server side for the previous and next valid numbers to account for the timebase drift that likely happens on the keychain unit, since it is bound to be significant and would vary with temperature and such)

I suspect it is the Time of Day tracking on the Server side that is issue. When the servers decript the code they get the Time of Day on your Fob. On the Servers they are keeping up with the drift from real time for each Fob on each account in their system, other wise your FOB would stop working when the internal clock drifted too far off real time.

I am thinking that when you log into one Battle.NET account 5 times, it does not like five different FOB time of Day updates in a row with the same TOD, and rejects them. The drift calculation may not like Zero time difference from the last log on. Where as when the accounts were seperate they got a single FOB time of Day Update on each account accross your Five acounts, and then they where keeping up a seperate Drift calculation on each account.

[Svpernova09]

Pushing the button just causes the Display to turn on, the code that is displayed is an encription of the Time of Day (likely rounded to 30 sec) and the Fob serial number.



I suspect it is the Time of Day tracking on the Server side that is issue. When the servers decript the code they get the Time of Day on your Fob. On the Servers they are keeping up with the drift from real time for each Fob on each account in their system, other wise your FOB would stop working when the internal clock drifted too far off real time.

I am thinking that when you log into one Battle.NET account 5 times, it does not like five different FOB time of Day updates in a row with the same TOD, and rejects them. The drift calculation may not like Zero time difference from the last log on. Where as when the accounts were seperate they got a single FOB time of Day Update on each account accross your Five acounts, and then they where keeping up a seperate Drift calculation on each account.

You could be right, but the issue here is this WAS working. Something broke, or someone changed something to no longer allow this.