Blizzard Reveals WoW Account Security Keychain

Well first of all - overkill.

But as for the device itself, how does the server know which number is generated from your specific keychain at the specific moment you want to log on?

In the "future cover" portion of this months wired there's a blurb from 2018 about the Federal reserve stepping in to stabilize the WoW economy. They may be spot on with that.

Anyone know if this thing is compatible with other services which use this system, like PayPal?

I'd maybe consider getting one of those things if it would further protect a bunch of my accounts. WoW, PayPal, Ebay and whatnot...

We have RSA tokens at work? This is kinda overboard for a game though..

For all those wondering if loggers etc will work it is probably the same keychained dongle that paypal uses. You get it, there's a url to register at where you put a initial 6 digit value in and each time you log in you provide your normal password then it asks for a new 6 digits from your keychain. Usually clears the screen in about 20 seconds after pressed so unless they are sniffing you at that second and able to login before you it's a one use addition to your password.

Lol, all the paranoid WoW players can rejoice now. Your accounts are safe!

Until someone mugs you for your little keychain.

Meh, why not just go with one of the simpler methods: Instead of asking for the entire password each time (which makes it stealable), just ask for 4 random letters from it.

Suddenly, keylogging becomes useless. The only way to get a password is to trick a user into providing it, but if you educate customers enough so that they know you'll only ever ask for random bits of their password, they should be able to easily spot the fakes.

I have one of these for my Paypal account. It's very handy, kept on my keychain, and gives you a little piece of mind.

This is a very intelligent move on their part, and I applaud it. Two factor authentication (as it's known) is a standard where verified security is required.

Blizzard is moving more money than the GDP of many small nations. That's an attractive target. If your account security can not be proven, that attractiveness will turn into lawlessness and people will leave your game, en mass. Anyone who reads our chatties regularly will see someone who has had their account broken into, and at least on a weekly occurrence.

The virtual identity possessed by people is very valuable. Some people would call it just a save game, but that belittles the personal value that people place upon their characters and accounts. What if you walked into a bar, and find out someone was already there wearing your face, running up a tab and acting like a huge jackass to your friends? That would not stand for a second, and that's the level of importance that one can place on a character after you've spend 25, 100 or 500+ hours on it, and in it.

This also is a subtle communication upon the maturity of our favored industry, where a hardware solution such as this is manufactured in response to the evolution of the game, let alone the industry.

What's to stop a trojan/virus from sniffing entered details/code and then denying your connection to Blizzard... leaving an unused, correct key for one time use by trojan's creator? Although, I guess Blizzard will be thinking about how trojans will evolve after this and have some solution.

Maybe it's just me but being this attached to a savegame is fucking insane. You need to let go. Yes you spent hours on it, but who really cares? It's just a bunch of levels and skill choices. If the game was really enjoyable you shouldn't care about needing to redo it.

I think people have really sickening attachments to data. If your HD fried tomorrow - would it bother you? I wouldn't flinch. I've had it happen before and I got pissed, but realized hey - who gives a shit? Oh no not my rpg saves, not my worthless documents I never open! Get over it.

The only thing you should worry about losing on WoW is your personal details, which should be safeguarded from their end anyway.

We actually use these at the school I work at for ultra-secure logins. They're pretty nifty, security wise.

LOL! So can I approve employee times with this code as well?

WTF.....if your password isn't secure enough, you deserve to lose your account to some Chinese gold farmer.

And if you lose your keychain or break it or accidentally flush it down the toilet?

It should also be noted that some of the Asian WoW markets also have something similar where you associate a phone number with your account, call a specific phone number with that phone, and then login to your account within 100 seconds of making that call.

Kinda neat, but I prefer the security key chain token method due to the extreme easiness of spoofing caller id nowadays.

As long as it looks like a little Frostmourne.

WoW. Serious business.

Please let some trade study figure out the number of people that buy these first day, and yet still browse with IE.

so this is what that big Announcement is :)


It's a good idea though enhancing thier on line security can only be a good thing.