wwi08_034.jpgThank you, Blizzard. Thank you!

Blizzard has officially announced that they have released a new security tool, the Blizzard Authenticator, for your World of Warcraft account.

The Information page at their website explains ALL the details.

The summary?

An OPTIONAL, physical keychain dongle much like a USB flash drive that you carry with you… that has an internal chip with a unique digital code.

When you buy the Blizzard Authenticator, for $6.50, you log into your Account Security, you associate this optional device with your account, and BOOM!

You will be able to use it anywhere, traveling, shared internet facilities, you name it. If you don’t have your key, you can’t get into your account…

If the damned hackers don’t have your physical damn key, they CAN’T HACK YOU!!!!

God bless you, Blizzard. God bless you.

I be ordering two as soon as I get home.

EDIT: No, I won’t, because the news is so bleeding edge they ain’t in the store yet. But I’ll be watching daily until they are in there… the announcement says they will be at the Paris conference, and then available at the Blizzard store “in the near future”.

Second EDIT: A little more info on the system… this apparently isn’t going to be an actual, plug into the computer, USB kind of key dongle such as I use for some of my engineering systems.

Instead, apparently it uses a system that many banks have implemented called SecurID, which consists of a key generator that changes the key code it generates regularly.

When you set it up with your Blizzard account, it will ‘sync’ it’s internal seed generator with Blizzard. So when you try to log in, you will be directed to input your current code… you’ll rpess a button on your keychain dongle, and the code will be generated right then, viewed on teh dongle screen display, and only be valid for a very short time, perhaps a minute. And you’ll type it in. Blizard will have their seed synced to yours, so it’ll know wqhat it should have been…

So even if you had a keylogger, or a virus… the key you typed in goes dead a minute later.

Interesting system… I want one, damnit.

Edit again… PIC! Plus, I’m including a PDF brochure from the actual device manufacturer I’ll host here… based off the “G06″ data you can see from the back of Blizzard’s Authenticator picture… vasco_dp_go6_brochure.pdf

20 Responses to “Blizzard Authenticator – Account Security is NOW!!!”
  1. sheldreyn says:

    I too will be getting one of those

  2. Deathrender says:

    Hell YES! This is the best news evah!!! They need to get this on the shelves with a quickness! Massive props to Blizzard for doing this.

  3. Noobiewan says:

    Very interesting. I’m likely to get one as soon as its been made certain that there are no initial problems with the new system. I don’t think there will be but with something like this It’s best to be cautious.

  4. Felkan says:

    We use the same thing (SecuID) to access my company’s VPN/email when not on site for years. They work great! I can’t wait to get one.

  5. Auzara says:

    But goodness, when I lose my keys now I’m upset, I can’t imagine if my wow account was tied to my keys too…. I need something that attaches this to my laptop!

  6. Kirk says:

    I’m old enough to remember the joy of security dongles. So to provide a little enlightenment:

    What is your plan when the security dongle breaks?
    What is your plan when the security dongle falls off your keychain, or your keys are borrowed/stolen?

    Yeah.

    For what it’s worth it’s a pretty good system. There’s a small vulnerability possible using the man-in-the-middle technique, but that’s very labor intensive and so unlikely to happen. (Short version – I intercept the login. I modify it and send THAT to Blizzard, meantime I use the original code to logon myself. Since the code changes every… I’d guess every minute, it’s a more complex system, but it’s a long way from impossible.)

  7. Yep, I just saw this too on Blessing Of Kings, and commented that it would be a good idea to stick it into the Wrath of the Lich King Collector’s Edition box. But as Kirk says, there are still a few questions which could do with being answered.

  8. dechion says:

    I will definitely be picking one up.

    I have never been hacked myself but I watched it happen to my brother and read about it happening to many others, yourself included.

    Not only will it keep hackers out it will also allow parents to very effectively control account access.

  9. Pike says:

    Hmm that is a good idea, I do feel relatively safe on Linux (though you can never be too safe) but for the times when I’m on Windows for Vent I might nab one…

  10. Softi says:

    Nice one :) My bank has recently set me out something similar to use with online banking… yet to try it though!

  11. Kinzlayer says:

    If they implement the RSA token in the way that my company does when and if you lose your key, you call into the tech center with your personal information and they send you a new token which once you get, you must call in to activate much like your credit card. Of course since you are buying these tokens you will most likely have to buy another token and then call into Blizzard in the same way you would to activate it the first time but you tell them that you lost your token and they go through the whole are-you-really-the-right-person routine which I hope they have taken into account in their service. I’m sure there will be so many lost token that they may need a whole new service department to work this.

  12. You won’t need to buy two. It says on the Q&A that you can associate one authenticator to more than one account. Of course, it might be a bit inconvenient if you and Cass needs to play in different location…

  13. Kheldar says:

    yeah sounds good. i use securid at work to access the servers when away from the office.

    works fine – although not sure what happens if u lose or break the keyfob…

  14. Barona says:

    I use SecureID at work and it is a very robust, very easy to use system. Yes, as people mention above it is possible to hack it, but much *MUCH* more difficult than the current setup.

    This is an EXCELLENT idea from Blizzard, and to be honest, an unexpected one. But I shall be getting one as soon as possible. I have seen too many people get hacked and destroyed.

  15. Raynmaker, Alevas (Uther) says:

    I too use SecureID at work. It’s nice, but as Coriel pointed out in Blessing of Kings – some of the end game raiders tend to share accounts. There are 2 other people who know my account info, and I know a couple of others also. We use it to share farming – my friend has an herbalist druid with epic flying… you can’t do better than that. I have a miner with epic flying mount, and I have a skinner. So, we share.
    With this system, I would have to actually call them whenever I wanted to use my account and hope I could input the secureID number before it expired. My token at work resets every 30 seconds I believe.
    Maybe if they have a way to associate multiple tokens with 1 account it would be nice – especially with so many girlfriend/boyfriend or husband/wife teams who play.

  16. Artorin says:

    This sounds great…. but what happens when my daughter picks it off my desk and it disappears…. hmmm. Well more to think about

  17. sylus says:

    “I too use SecureID at work. It’s nice, but as Coriel pointed out in Blessing of Kings – some of the end game raiders tend to share accounts. There are 2 other people who know my account info, and I know a couple of others also. We use it to share farming – my friend has an herbalist druid with epic flying… you can’t do better than that. I have a miner with epic flying mount, and I have a skinner. So, we share.
    With this system, I would have to actually call them whenever I wanted to use my account and hope I could input the secureID number before it expired. My token at work resets every 30 seconds I believe.
    Maybe if they have a way to associate multiple tokens with 1 account it would be nice – especially with so many girlfriend/boyfriend or husband/wife teams who play.”-Raynmaker

    As Raynmaker points out, this will be good for Blizzard, as they have a policy for account sharing. Gone are those days for those that use the new system!

  18. Anglachel says:

    I wants one… i just hope they ship to south america…

  19. Hey Boss, good post but you’re leaving this little Phinnigan confuzzled. Blizzard’s announcement still tells us that this is a physical device (dongle if you will) to be plugged in. Further information from the index page talks about what it is and how much it will cost.

    Can you give us a source for your information on SecurID and how you know it wont be an actual device? (or am I reading your edits incorrectly?)

    Thanks sir,
    Phinn

  20. Sfinx says:

    We used to use SecurID at work, and it was a good system. Now we use a gridcard type authentication. It’s basically a bingo card that is customized to each employee, and when you try to log on the system asks you for 3 answers from tha card. Pretty simple and cheap.

    But I digress, this is awesome service for Blizzard to implement. it’s a high-tech solution, but I can’t help but feel that this is something that should be included.

  21.  

World of Warcraft™ and Blizzard Entertainment® are all trademarks or registered trademarks of Blizzard Entertainment in the United States and/or other countries. These terms and all related materials, logos, and images are copyright © Blizzard Entertainment. This site is in no way associated with Blizzard Entertainment®