There are a lot of well written articles on the Internet about securing your computer to prevent unauthorized access to your World of Warcraft account. They all talk about anti-virus and anti-spyware protection and a lot of common sense practices like not opening emails from sources you do not trust (or if the file is called totallynotavirus.exe). No matter what you do, there is always a risk something will happen and your account can be compromised. That is, unless you take advantage of one security trick that will secure your account far more than anything else out there.
The new "Core Hound" authenticator is only about $7.
This trick isnt something new and is probably something youve dismissed many times before. I, however, implore you to listen. Its a single word that can save you from being locked out of your character for weeks and ruin your entire gaming career. That single word is, as you can guess, Authenticator.
If you already have one then please, continue reading to understand why theyre so important or give out this article to your friends who have yet to pick one up. If you dont have one yet then listen to why the Blizzard Authenticator is not a waste of money and can help secure your account. Of course, if you have a secure computer then the chances are already really low. However, there is nothing wrong having additional security measures to make sure that small chance doesnt happen.
A good example of the latest scam is that Google AdWords has been flooded with fake WoW Armory links to cash in on everyone logging into the armory to take poses of their characters. The links are big and look like the real thing on the google search, but only take you to a page thatll steal your account. The authenticator will save you, even if you do login on one of these sites by accident. Of course, safe computer practices can prevent this as well (always looking at the URL before logging in), but you never know when youll trip up.
Lets start with what it is. The Blizzard Authenticator is a small key fob (security token device) no bigger than a stick of gum that has a single button and a small numerical LCD. That LCD will display a six digit code that has to be inputted into the game after your enter your password in order to login. Without someone having physical access to the device it becomes nearly impossible to login to the account even if you know the password.
This technology is known as two-factor authentication and is used by many major banks and corporations for logins to sensitive materials like bank accounts or secured doors. The authenticator acts as a one time password (OTP) token (which is something you have) while your password acts as something you know. Without both of these you cannot gain access to the account. If you have the password then youll still be stopped at the authenticator screen and vice-versa. The number the authenticator generates is constantly rotating, so even if its stolen itll become invalid within 30 seconds.
Lets say that your password is 0001 (because you are number one) and someone easily guesses it. Without an authenticator they would be in your account and you, your guild bank (what access you have to it) and everything else would be looted. If you have mining, skinning, or herbalism then your account would be botted until you regain access to it at which time youll enter into a restoration queue that is currently over 2 weeks long. Thats a long time to go without playing!
If you have an authenticator then its a different story. Lets say they guess your password but then come to the enter your authenticator number screen. They couldnt get past that without the number off of the physical authenticator. They could try guessing it, but the number is constantly changing and there are 999,999 variations that they would have to go through within seconds before a new code is generated. So its nearly impossible to get through WITHOUT the physical authenticator.
Even if they did somehow win the lottery multiple times over they wouldnt be able to get in a second time. Thats a lot more secure than getting the password and then destroying your account! You have to even use it to login online, making it impossible to access your account in any way.
Notice that it's slightly bigger than a key, but still small enough to easily take anywhere.
It is old news, its been out for a few years now, but the RMT industry is desperate for accounts. Theyre desperate for your gold so that, in their minds, they can steal it and sell it right back to you. We, the users, have to do whats right to keep our accounts safe in a perilous time. To be honest with you, if you ARE very good at keeping your computer safe then there isnt a very high chance of you getting hacked but the chance is always there.
An authenticator, the physical kind, is only about 7 USD with free shipping (after taxes, which may vary). Its available from the Blizzard store so you know you can get one from a trusted source. There is a free option or inexpensive option. The iPhone/iPod Touch version is free while many cellphones have an application that is only .99 cents and best of all they can work without a signal or Internet connection. Personally, Id rather have the physical version so that I wouldnt have to so much worry about a stolen phone keeping me from playing the game.
The price is right and its not a joke, so there isnt any reason not to pick up an authenticator. If you dont like it you can even remove it from your account without a problem. Just loginto the game and click Remove Authenticator then enter in two consecutive codes (they change every 30 seconds, just wait half a minute and press the button again). The reason you enter two consecutive codes is to keep people from guessing a single code (however unlikely that is) and removing the authenticator from your account. Thats another layer of security.
Of course, it would not be fair to avoid mentioning a few things. The first is that if you lose the authenticator then youll have to contact Blizzard to get into your account. You can mitigate this risk by keeping it at your computer in a drawer or attached to something near your desk so you never have to worry about losing it. The second thing is that it does take you a few seconds more to login. I was in the middle of a Halls of Reflection run when all of a sudden I lost my connection. When I was trying to frantically log back in I found myselfmistyping the code several times. However, I was able to get back in on time. Thats a rare kind of event.
The point here is that its still a good investment and may soon be required by Blizzard. Rumors abound that Blizzard has too many restore requests and too many hacked accounts to handle. It only makes sense that security like this be enforced in a game that is such a huge target. So get one now before there is a huge rush (unless they package one into every Cataclysm box, but even then many people buy the expansion online and youd still need to get one).
If youd like more information on the Blizzard Authenticator or the Blizzard Mobile Authenticator click here. If youre interested in purchasing one visit Blizzard's store by typing in "blizzard.com/store" into your browser, making sure all of the words are correctly spelled or visiting any of the Blizzard sites and navigating there. Before making a purchase, make sure that you're on "blizzard.com".
SPECIAL NOTE: Only buy from Blizzard's site! Other retailers have HUGE markups and there are many scam sites. Make sure you're on BLIZZARD.COM and nowhere else when buying!
To read the latest guides, news, and features you can visit our World of Warcraft Game Page.