Quote Originally Posted by mmcookies View Post
ugh, just when i was thinking about farming the headless horseman's mount...

as a point of interest

the keyfob authentication server is most likely separate from WoW's login servers

basically, when you login, the generated number is passed off to the keyfob auth server along with your keyfob serial number for verification

the main login server confirms your password and waits for the authentication response from the keyfob server, if both pass, then it lets you in

the way they had it set up before, the keyfob server would return a "pass" at any time during the 30 seconds when the generated number is valid

what they have now is the keyfob server would forcibly invalidate the key once it is used

the keyfob server technology is likely external proprietary and blizzard would have no direct control over the code

the best we can hope for is probably a "per keyfob serial number" option to turn the forced invalidation on/off
Bliz could also just cache a valid pass on a number from a given keyfob for 50-150 ms to allow the other 1-39 requests that hit right around the same time to clear on it's coat tails.