-
http://forums.worldofwarcraft.com/th...317391&sid=1#8
http://forums.worldofwarcraft.com/th...sid=1&pageNo=1
just did a quick search on forums found these 2 posts also
in that second link this was posted (not by a blue) ...might be the reason it was changed:
I'm an IT professional and the VASCO system used by Blizzard is slightly more vulnerable than the RSA SecurID system used by most corporations and financial entities... or the problem lies in how they have it configured.
When using my authenticator I can login twice using the same OTP (one time passcode) from the token. This is bad because in that 60 second window that token is valid for someone could login to your account IF and only IF they intercept the token code AND use it within the 60 second time frame it's valid for.
Most businesses have this feature disabled to prevent the security breach- IE as soon as the OTP is used you can't login again until it changes to the next code in however many seconds you have remaining.
It'd be really great if someone from Blizz could comment on if this was intended with your deployment .
Last edited by Dor : 10-15-2009 at 09:47 AM
Posting Rules
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
Reply With Quote
Connect With Us