Probability of Authenticator failing to save accounts?

[Maxion]

Mutiple b.net accounts. All my accounts are on their own individual b.net account.

You can link your authenicator to any account. Hell I even linked it to an account that wasnt even mine while linked to my accounts at the same time.

Indeed, still can't if all your accounts are on the same battle net account though.

[Khatovar]

I even linked it to an account that wasnt even mine while linked to my accounts at the same time.

Yup. My husband and I each have separate Bnet accounts using the same authenticator. This way you don't have to buy individual authenticators for each member of your family.

[kate]

In order to remove an authenticator they require 2 sequential authenticator codes.

The obvious solution to avoiding a man-in-the-middle attack is, when you fail to authenticate, to wait 30 seconds and completely skip the next code. If it was just a typo, well, you only wasted 30 seconds of your life. If it was a MITM attack, well, you just spent 30 seconds to save a whole bunch of time with their account retrieval team.

[Iceorbz]

I'm pretty sure this isn't how the current man-in-middle attack works.

Your first attempt will be captured and used to log in. You will just be thinking you made a typo and enter a new code again and you can log in. They do not let you use the first code entered as the expiration has been present for a long time... we have posts about that on the forum here going way back when they made this change. You can still log in on multiple accounts with the same authenticator code at the same time.

In the mean time they will be messing around on the website doing whatever. Granted they can't do too much besides changing your password. But the next time you try to log in they will use your authenticator code to actually log in to the game and rip it.

The old attacks were replay attacks, and they were capturing the battlnet authentication via a trojan. They were not actively blocking the data going from you to blizzard, they were just listening to it, and then replaying it. That's when blizzard changed it to a single log in from one key.

[Silence]

The old attacks were replay attacks, and they were capturing the battlnet authentication via a trojan. They were not actively blocking the data going from you to blizzard, they were just listening to it, and then replaying it. That's when blizzard changed it to a single log in from one key.

Fair enough... I was thinking more about the current method ;p

It all comes down to keeping your computer safe.

If you insist on visiting certain types of sites then it would be wise to run your internet explorer in a sandbox (certain firewall software can also do this for you like comodo) or seperate virtual environment. This way you completely separate your "shady" browsing from your overly important gaming stuffs ;p

[Maxion]

Fair enough... I was thinking more about the current method ;p

It all comes down to keeping your computer safe.

If you insist on visiting certain types of sites then it would be wise to run your internet explorer in a sandbox (certain firewall software can also do this for you like comodo) or seperate virtual environment. This way you completely separate your "shady" browsing from your overly important gaming stuffs ;p

Or just use firefox with the noscript addon since internet explorer is so riddled with security holes that it is like running a program designed to be a big back door to your computer.

[Silence]

Or just use firefox with the noscript addon since internet explorer is so riddled with security holes that it is like running a program designed to be a big back door to your computer.

I use that too yes... but it's still not protecting you from sites you do give "access" to because you want to visit it.

It's better then IE security-wise in any case ;p

[ElectronDF]

I have a DSL and cable connection. My DSL was from a local company instead of a national one. I LOVED my DSL from SWBell. It was fast, never blocked (email, P2P, webserver, etc), fast, and reliable. It never went down in 5 years. My cable in the past would go out once every 6 months for like 5 mins up to 2 hours. Hence my reason for having both. Now, my DSL is not reliable, drops connection like once a day for like 10 secs and then comes back. Guess what happens to my WOWs when the internet goes away....

I am just offering some thought. You internet doesn't have to go away forever for WOW to dump you. You might watch the modem's connection lights. Or check on its status page for time connected. Or check internet connection uptime. Whatever the phrase or place is it, might tell you if your connection is the problem. If it hapens to me, I just repair the network connection and it finds my cable modem first (most reliable now) and all is fixed.

I too had a first thought that it was a hacker. But I have an authenticator and have for a while, so I don't feel that way anymore. I just think it is Blizzard's servers kicking off random people. You know AT&T hosts WOW, right? No, no one has ever had a dropped call off a cell phone. They are good, but wouldn't put it past them to keep 99.9% of people online constantly. But what is .1% of 200,000. That could be you.

[Mickthathick]

Sounds like you are having d/c issue not a hacking issue.

Check your connection/phone line/addons. Especially addons, I was having d/c issues on my main account caused purely by using out of date addons.