It looks like you're new here. If you want to get involved, click one of these buttons!
Originally posted by Chuckanar Originally posted by JeroKane Originally posted by Fessor111 Can't you use your mobile phone as authenticator anymore?
Yes you can.
Can I? I dont have a smart phone and dont need one. I have a basic cellular phone with text. I dont need to surf the web check emails or such on my phone. Can I still use this authenticator without a smart phone?
I do know one thing and my pc has the latest updates and virus protection. My buddies smartphone is easier to hack by far since they dont have any protection of any worth.
You need a phone with either the Andriod operating system or iOs (Iphone) to use the authenticator.
Beyond that, using a crazy password that is ONLY used for battle.net and being very careful when viewing your emails should be enough. Surf the web responsibly
Originally posted by mcburly So according to blizzard supporters, the fact that over the past couple days large amounts of accounts(anywhere between 10k-100k) have been hacked, and we are not supposed to believe that blizzard deserves any of the blame? I tend to be pretty safe and cautious on my computer AND no one else uses it, yet somehow my account on diablo got hacked and all my items and gold was removed. I also have played numerous mmos and have never had an account hacked in any of them. My battle.net account ahs been hacked twice.... Ive changed passwords numerous times and just now added an authenticator but NO other game has made me have to do that. So please enlighten me blizzard supporters, why I should not blame blizzard whatsoever.
If blizzards servers were compromised they are legally required to inform their customers. This is why everytime there is a compromise the companies come out and fess up. Everytime it costs them money, but it would cost them even more money if they were to keep the compromise secret and it was found out.
Fact is 6.3 million people bought the game last week.
Assuming that is ONLY the people who bought the game, and not more, and assuming out of the 6.3 100k people were compromised.
Thats a .01% of the user base. If blizzards servers were compromised...we'd be seeing a far greater number of accounts compromised. Something in the neighborhood of a million or more. The servers would be offline and everyones accounts would be locked for security reasons.
If blizzard was compromised this would be a significantly greater issue. .01% of your users (and I personally think 100,000 is high) screams fishing, social engineering, keylogging, and forum database compromises not blizzard getting hacked.
**Edit Just to be clear Im not a blizzard or Activision fanboi. I personally despise activision and their business practices with their call of duty series. Blizzard is only marginally better. That being said lots of folks in this thread are saying a lot of things with out knowing the basics of internet security.
Your simple txt phone will work now and if not now shortly as blizzard is now rolling out sms (txt) authentication.
As for your smart phone getting hacked, sure its possible, but that would require the hacker to be in proximity to you to get your information. They would then still need your account user name and password, and be able to access that phone with in 30 seconds of the number being generated. Most folks with these skills couldnt care less about your D3 account.
Originally posted by Mephster Yeah ok Blizzard. I like your games but your business practices are just poor as hell. It is so much easier to blame the next guy when Diablo 3 has a ton of issues right now. Link: http://www.incgamers.com/News/31394/diablo-3-hacks-are-not-a-blizzard-problem-state-blizzard
Actually, the burden of proof is on the people making the charge to substantiate it. Getting hacked when you have an RMA token isn't easy. Possible, but not easy, and most likely, not worth the trouble.
I believe Blizzard when they say nobody with an authenticator got hacked. And I still disagree with their absurd DRM, their RMAH, and their general approach to things as of late.
rumor say that playing public game increase your chance for being hacked ... one friend played 1 time and got hacked at next day and have ppl at blizzard forum saying that even using the Authenticator they got hacked...
well i have the Authenticator on and dont play public games xD hope be safe ...
Originally posted by saurus123 Originally posted by Xzen Buy an authenticator or if you have a smart phone (I know you have one) just get the authenticator app. You're other choice is to get smarter when it comes to protecting yourself from keyloggers etc..
getting authenticator doesnt help
problem is when you join or create public games these "hackers" can read your real id and exploit/copy it somehow
next time you log into the game seeing your char is naked and have strange names in thier friendlist
thats how few of my friends was "hacked" by joining public games
That's session spoofing. And in short, while technically possible, it is absurdly unlikely. Dubya proved pretty much beyond a shadow of a doubt this fact in the other thread.
Originally posted by Pyrostasis Originally posted by Chuckanar Originally posted by JeroKane Originally posted by Fessor111 Can't you use your mobile phone as authenticator anymore?
Didn't know that. That is very good news, and certainly a step in the right direction.
Originally posted by iceman00 Originally posted by saurus123 Originally posted by Xzen Buy an authenticator or if you have a smart phone (I know you have one) just get the authenticator app. You're other choice is to get smarter when it comes to protecting yourself from keyloggers etc..
Yep, just to reiterate:
I captured all traffic between the game and the Diablo server. At no time does the game expose the Session ID required for a session hijacking exploit.
Session Hijacking is a vulnerability in SSL connections.
Again, there is no Session Hijacking exploit in Diablo 3.
Shadow's Hand GuildOpen recruitment for
The Secret World - Dragons
Planetside 2 - Terran Republic
Tera - Dragonfall Server
It's great that Blizzard offer the authenticator solution to the poor souls who fall prey to the various account stealing tactics. Other companies should learn from Blizzard's example and try to be as alert when it comes to security.
Originally posted by FrodoFragins Because their games are popular they are supposed to give away authenticators at a loss? If you get keylogged it's your own fault. Sure it sucks, but no one says you have to surf all over the web and click links in emails on your gaming machine. If you must, then get an authenticator. If people found a way around the authenticator, other than thru a man in the middle app you downloaded by accident, then they will be responsible. Oh yeah, not going to that site as I'm pretty sure they had issues with bad ads.
Nah, in Diablo 3s case the box should have had a auth included, people might have whined a little of the increased price of the game but for a game with a real money AH it really is the only way.
All hackers in the world probably just gave up on Wow and moved to D3, and even if Blizzard ain´t legally responsibility for that the large amount of hacking will hurt their name.
If you play, get an auth now. Safe behavior on the net makes chanses that you´ll get hacked decreased a lot but the only 100% safe way if to buy the auth.
Blizzard can't be responsible for everything that happens to players and their accounts. Sure, they have an element of responsibility, in that its their game and their software; but they can't possibly be held responsible for absolutely everything.
Having said that however... I'm still not in agreement of forcing singleplayers to have to get online; biggest reason why I did not purchase the game. I know hacking is what most people cite as the reason, but its obvious to me that the main reason is the RMAH.
Anyway, its never fun to have your account hacked (never happened to me), and I hope those who did get their accounts hacked are able to get their items back and get back to playing :-)
Originally posted by iceman00 Originally posted by Pyrostasis Originally posted by Chuckanar Originally posted by JeroKane Originally posted by Fessor111 Can't you use your mobile phone as authenticator anymore?
I enable it some time ago and while the speed of the service isn't the best (judging from the conformation code you recieve), it's seems to do it's job. Mind though, most of this service is for protecting your general Battle.net account. For Diablo 3 this is listed specifically:
We may also text you verification codes if we detect suspicious activity and for approving transactions in the real-money auction house.
So far I haven't been targetted, so I'm not sure what Blizzard specifically means with 'suspicisous activity', but the RMAH bit is pretty nice. This is a SMS service, so free to use (with my plan at least).
That needs some serious evidence or proof to support that claim.
I'd also wager your friend who has this authenticator doesn't have it authenticate at every login.
And people are still whining that they should do more? What, exactly, should they do?