Dial-In Authenticator is wonderful

**Shodokan** · 12-17-2010, 12:40 AM

This does not combat against someone hacking your account... blizzard has said that this is simply a backup for the actual authenticator. I asked about using this method for five accounts and they said that it did not protect against keyloggers, spyware etc etc like the hardware authenticator. If someone accesses anything from your computer then you are SOL.

Example: you get a trojan/virus... they open your computer into an SSH based proxy and proxy into WoW and empty your account... it's already happened to a few people and was discussed on the official forums.

As a multi-boxer you can ask for authenticators in order to seperate your accounts to new e-mails and they will send them to you. Yes it makes your keychain huge but it does have it's benifits especially if you only play from a single location. They sent me a few and explained that it was up to me what i did with them and if i wanted to make 5 seperate battle.net accounts to just call back. I disabled my mobile one and just added two of them to the accounts i already have and it takes me less than a minuet to log in... so theres no reason for me to do that.

**Vecter** · 12-17-2010, 12:09 PM

Originally Posted by Shodokan

This does not combat against someone hacking your account... blizzard has said that this is simply a backup for the actual authenticator. I asked about using this method for five accounts and they said that it did not protect against keyloggers, spyware etc etc like the hardware authenticator. If someone accesses anything from your computer then you are SOL.

Example: you get a trojan/virus... they open your computer into an SSH based proxy and proxy into WoW and empty your account... it's already happened to a few people and was discussed on the official forums.

As a multi-boxer you can ask for authenticators in order to seperate your accounts to new e-mails and they will send them to you. Yes it makes your keychain huge but it does have it's benifits especially if you only play from a single location. They sent me a few and explained that it was up to me what i did with them and if i wanted to make 5 seperate battle.net accounts to just call back. I disabled my mobile one and just added two of them to the accounts i already have and it takes me less than a minuet to log in... so theres no reason for me to do that.

If Blizzard is telling you that the dial-in authenticator is simply a backup of the actual authenticator then they are misleading their customers as their official FAQ states it is another option of authentication control and protects your account from malicious attempts. If someone has the smarts to bypass the dial-in authenticator you probably aren't safe regardless of the method you use. All methods that provide extra security have been "reported" as being hacked so to say one is safer than the other is not really accurate.

The bottom line is don't be a dumbass when it comes to using your computer. If you visit questionable sites you need to realize that you can get hacked. If you download unknown material you can get hacked. If you regularly scan your system using up-to-date virus software, check for keyloggers or trojans, use different passwords and don't do stupid shit you will be a long way into protecting yourself. In addition add any type of authenticator and you will more than likely be safe.

If you are going to throw out fear mongering statements about Blizzard stating the effectiveness of the dial-in authenticator please provide links to said statements, and not the green posters either and no your "conversations" with phone support are not official Blizzard statements.

**Ughmahedhurtz** · 12-17-2010, 01:03 PM

Originally Posted by Vecter

If Blizzard is telling you that the dial-in authenticator is simply a backup of the actual authenticator then they are misleading their customers as their official FAQ states it is another option of authentication control and protects your account from malicious attempts. If someone has the smarts to bypass the dial-in authenticator you probably aren't safe regardless of the method you use. All methods that provide extra security have been "reported" as being hacked so to say one is safer than the other is not really accurate.

The bottom line is don't be a dumbass when it comes to using your computer. If you visit questionable sites you need to realize that you can get hacked. If you download unknown material you can get hacked. If you regularly scan your system using up-to-date virus software, check for keyloggers or trojans, use different passwords and don't do stupid shit you will be a long way into protecting yourself. In addition add any type of authenticator and you will more than likely be safe.

If you are going to throw out fear mongering statements about Blizzard stating the effectiveness of the dial-in authenticator please provide links to said statements, and not the green posters either and no your "conversations" with phone support are not official Blizzard statements.

This. Times eleventy.

**Sajuuk** · 12-17-2010, 02:36 PM

Originally Posted by Shodokan

This does not combat against someone hacking your account... blizzard has said that this is simply a backup for the actual authenticator. I asked about using this method for five accounts and they said that it did not protect against keyloggers, spyware etc etc like the hardware authenticator. If someone accesses anything from your computer then you are SOL.

Neither does the normal authenticator. Man in the middle attack, perchance?

Example: you get a trojan/virus... they open your computer into an SSH based proxy and proxy into WoW and empty your account... it's already happened to a few people and was discussed on the official forums.

Then it's your own damn fault for getting the trojan/virus!

And tell me how exactly they'll proxy into wow, I'd really like to hear it out of curiosity.

**Tonuss** · 12-21-2010, 11:00 AM

Originally Posted by Sajuuk

And tell me how exactly they'll proxy into wow, I'd really like to hear it out of curiosity.

I'm curious about this myself. I asked in the previous thread I saw about the new authenticator, and did not get a response. How does someone spoof your IP address from another computer in order to access WOW, and does this seem like something that a gold seller or account thief would be able to do easily enough to make it worth his time?

I'd like some kind of technical explanation, not just "it can be done" or "it happened to so-and-so." How easy and/or simple is it to fake a specific IP address, especially for someone who is just sitting at another PC somewhere else in the world and just wants to hack a WOW account?

**Ughmahedhurtz** · 12-21-2010, 06:33 PM

Originally Posted by Tonuss

I'm curious about this myself. I asked in the previous thread I saw about the new authenticator, and did not get a response. How does someone spoof your IP address from another computer in order to access WOW, and does this seem like something that a gold seller or account thief would be able to do easily enough to make it worth his time?

I'd like some kind of technical explanation, not just "it can be done" or "it happened to so-and-so." How easy and/or simple is it to fake a specific IP address, especially for someone who is just sitting at another PC somewhere else in the world and just wants to hack a WOW account?

Agreed on the "worth their time" angle.

I'd also like to see a link to the official forums thread where it was acknowledged that this was how someone got hacked with the Dial-In Authenticator set up. I mean, if it's happened and been discussed, should be trivial to find the thread again, right? Not trying to sound snarky but this sort of claim is always going around among kids trying to look important on forums.

Thread: Dial-In Authenticator is wonderful

Thread Tools

Search Thread

Display

Hybrid View

Posting Rules

Dual-Boxing Community

Dual-Boxing.com Quick Links

About Us

Search

Connect With Us