The authenticator is not used for the forums. Only the account management site.
The authenticator is not used for the forums. Only the account management site.
<Multiplicity>
Blood Elf Death Knight, 4 Orc Shaman - Burning Legion Horde US (PvP)
Ellianaa - Haachoo - Hachu - Hachuu - Hahchoo
Heroics down: Gundrak, Drak'Tharon, Utgarde Keep, Utgarde Pinnacle, Culling of Stratholme, Halls of Lightning, Ahn'Kahet, Violet Hold, Nexus, Azjol-Nerub, Halls of Stone
I recently had the unfortunate occurence of being hacked. Here was the "wierd" part about it: When I found out my account was hacked, I checked my running processes and sure enough I ran across and unknown. I started checking my browser history and went back 3 months. The computer I play WoW on is just that, for WoW. I had been to wow o-boards and allak... and that was it.
So, I either got it from allak OR I got the virus a while back and it took it 3 months before it went into effect.
Something that I want to point out... ANYTIME a major holiday (i.e. Christmas) comes around or other Major Holidays (i.e. Expansion Pack releases), it would be a very good idea to change your password in the weeks leading up to that. Gold Companies realize that blizzard support will be cut back so response time will be slower, people will typically be saving up gold, and the demand for gold will skyrocket.
I have had two friends get hacked as well as myself. I got hit the week before Wotlk came out and my two friends got hit the week before christmas. This has been a trend among others that I have come across.
Blizzard is getting account recovery down to an artform though. My main account got cleaned out pretty badly, but they didn't even make it to the mailbox on my second account before it got slapped with a temp ban. The rest of my accounts didn't get touched thankfully.
All in all, I got the majority of my stuff back that was linked to my character, but my guild was nuked, bank gone and about 5k-6k gold worth of items in the bank non-recovered. This is the second time my bank has been cleaned out by hackers. (First was when my friends got hit, second was when I got hit.) I really wish blizzard would be able to restore those items as well. That's probably 10k gold/items that I've been unable to recover from it.
Duese 80 Warrior - Alleria
1x80 Pally / 4x80 Shammy - Rebeckah, Manafont, Azurelore, Wildcard, Spiritsurge
Heroics Cleared: Gundrak, Nexus, Utgarde Keep, Azjul Nerub, Utgarde Pinacle, Culling of Stratholme(+timed), Violet Hold, Zul'drak
Remaining: Halls of Lightning, Halls of Stone, Occulus, Old Kingdom
I got a keylogger through Cosmos many moons ago. I only had one account, but the account name was 'out there' amongst the scrotum munchers instantly. My original account has been compromised 5 times total. Blizz wouldn't transfer my characater and wouldn't change the account name (this was before you could pay to do it). I started another account and leveled other toons. Blizz kept saying that my system was the trouble. I guess they didn't know I had two other accounts at that time that have never been touched :/ It got hit just the other day, but there is nothing on there. I used to use the account for trading stuff between alts, before instant mail came along. It's closed now and I am going right now to order authenicators.
"My dogs could roll heroics with how a lot of you play."
- Fursphere 2010
You have all convinced me! Here, let me trot on over to blizzard and buy their authenticator.....oops. SOLD OUT. blizzfail3000.
http://www.blizzard.com/store/details.xml?id=1100000182
Doing my best to get motivated for the WoW Headless Horseman mount hunt of 2013... so far failing. and now in 2018, let's see about those HH mounts! [Edit: Actually got an HH mount in 2018... on separate account 6. One to go! In 2019, my last BNet accout, the main one, got the HH mount. End of an era.]
I multibox because I have no time, have a life, have a job and[/or] money and have little patience for drama and temper tantrums. -- heffner
Just one.Originally Posted by 'Coltimar',index.php?page=Thread&postID=162869#pos t162869
Basilikos
Icecrown US Alliance
Mixed Group of Unholy DeathKnight, Holy Priest, Elemental/Restoration Shaman, Arcane Mage, Balance/Restoration Druid
Second Mixed group of Protection Paladin, Discipline Priest, Fire Mage, Affliction Warlock, Affliction Warlock
5 Balance Druids - Shelved at 65
Holy Priest and 4 Warlocks - Shelved at 71
Protection Paladin and 4 Shadow Priests - Shelved at 60
5 Elemental Shaman - Shelved at 60
Wait, blizzard fails because they made a product that is so popular its selling as fast as they can make it? What world do you live in? Oh and the fact that they're selling it for what could possibly be the most reasonable price in the history of sales apparently makes them fail also? Sheesh.
<Multiplicity>
Blood Elf Death Knight, 4 Orc Shaman - Burning Legion Horde US (PvP)
Ellianaa - Haachoo - Hachu - Hachuu - Hahchoo
Heroics down: Gundrak, Drak'Tharon, Utgarde Keep, Utgarde Pinnacle, Culling of Stratholme, Halls of Lightning, Ahn'Kahet, Violet Hold, Nexus, Azjol-Nerub, Halls of Stone
The authenticator is wonderful for one account. Any tips how how best to manage five or more accounts with an authenticator? Seems like it would be a very painful process just to be able to log in, or if you game on the road taking 5 authenticators with you is very annoying and increases the potential for misplacing one.[/quote]
ie:
username: joe$bob^biggs
password: l1v3@th3beach!
yes, that is secure against a dictionary attack and most brute force... but the pros have moved to keyloggers and are putting out software that gets into the box and watches for you to enter a password somewhere. then it'll send a message to some irc chat room where itself and thousands of other virus bots are logged in. end result, no amount of username/password gymnastics can save you from a keylogger... and it's only a matter of time before explorer gaffs at some animated gif or xml overrun and allows one onto your box. even anti-virus software doesn't protect you from NEW viruses/keyloggers.
the ABSOLUTE best solution would be a revolving RSA key... which is what the blizzard authenticator is based on. get it. get it today. have zero fears.
[url='http://www.blizzard.com/store/details.xml?id=1100000182[/url]
I use the Blizzard Authenticator on 38 accounts. Just use maximizer from either Keyclone or Octopus or whatever other software that allows start up of the application and keyboard entry to all client applications. Once the same authenticator is associated with multiple accounts, the same number can be entered to all account logins at the same time. Keyclone and Octopus allow that keyboard entry at login so it saves a ton of time logging in any number of accounts at the same time.[/quote]
Hey look its Prepared~! Haven't seen you post in a while, how's your army doing on its leveling?
My personal experience:
Over Christmas, I got an e-mail saying that an account (which simply has about a month left on it, no gold... it was a former RAF account where the RAF time had run out but I had used a gametime card to get an early Zhevra) of mine had been password reset (successfully, by the way... which means they had access to my e-mail). This was the ONLY account to receive this e-mail, and when I password reset it back and got my access back, I didn't find anything changed. To be honest, they were probably disappointed to find some <lvl10 lowbies and no gold or gear to speak of.
None of my other accounts were hit.
Why?
The RAF account was the ONLY account that wasn't associated with my authenticator. I had just been too lazy to attach the authenticator to that account, and didn't feel there were any valuables on that account that I'd cry over losing. All of my high level characters had already been xfered onto my main accounts (which use authenticators).
What's disturbing?
In order to make a successful password reset, they need access to my e-mail. If they have access to my e-mail, they COULD have just deleted the e-mail notifications from Blizzard and I would've never known anyone had gotten into my account. Furthermore, if they got access to my e-mail/password via a keylogger, they potentially have any information I've ever typed into that computer (think: credit cards? online banking?). Thus far, all I've seen is that one password reset. But I'm keeping a hawk eye on everything else, just in case, and I'm wiping that machine.
The particular machine in question was running vista's UAC, Antivirus, and behind a firewall. However, it doesn't really surprise me that people can still get in. Given enough determination, people can find their way into anything.
It does make me smirk that they wasted their efforts on my relatively worthless former-RAF account, though.Hooray authenticator.
TBC/Wrath Multiboxer: Velath / Velani / Velathi / Velatti / Velavi / Velarie [Archimonde (US-PvP)]
It isn't necesarily a computer issue. If you use the same password for multiple logins, one of those may get picked up somewhere. For example, you sign up for a guild's private website using the name "jimbobjoe" with password "notmypassword" and set it to the same email that your WoW account is linked to. If the password is the same as your email password, someone just has to get in to the guild's website (including whoever is running the thing), and they have your email and password, at which point, they do a search through your email for anything from blizzard, snag your account name, reset your password, and boom, access. And that's just one scenario.My personal experience:
Over Christmas, I got an e-mail saying that an account (which simply has about a month left on it, no gold... it was a former RAF account where the RAF time had run out but I had used a gametime card to get an early Zhevra) of mine had been password reset (successfully, by the way... which means they had access to my e-mail). This was the ONLY account to receive this e-mail, and when I password reset it back and got my access back, I didn't find anything changed. To be honest, they were probably disappointed to find some <lvl10 lowbies and no gold or gear to speak of.
None of my other accounts were hit.
Why?
The RAF account was the ONLY account that wasn't associated with my authenticator. I had just been too lazy to attach the authenticator to that account, and didn't feel there were any valuables on that account that I'd cry over losing. All of my high level characters had already been xfered onto my main accounts (which use authenticators).
What's disturbing?
In order to make a successful password reset, they need access to my e-mail. If they have access to my e-mail, they COULD have just deleted the e-mail notifications from Blizzard and I would've never known anyone had gotten into my account. Furthermore, if they got access to my e-mail/password via a keylogger, they potentially have any information I've ever typed into that computer (think: credit cards? online banking?). Thus far, all I've seen is that one password reset. But I'm keeping a hawk eye on everything else, just in case, and I'm wiping that machine.
The particular machine in question was running vista's UAC, Antivirus, and behind a firewall. However, it doesn't really surprise me that people can still get in. Given enough determination, people can find their way into anything.
It does make me smirk that they wasted their efforts on my relatively worthless former-RAF account, though.
They are actually all different.
I have billions of passwords in my head between work, wow accounts, email accounts, forum accounts....
My e-mail account password does not match my WoW passwords which do not match my bank passwords which do not match my work passwords.
Furthermore, for my WoW accounts I use an e-mail forwarder on the account admin page that simply forwards to my "main" e-mail account. So they shouldn't have been able to figure out my e-mail address from the account admin page.
TBC/Wrath Multiboxer: Velath / Velani / Velathi / Velatti / Velavi / Velarie [Archimonde (US-PvP)]
Posting Rules
Reply With Quote
Connect With Us