Slashdot Mirror

← Back to Stories (view on slashdot.org)

Blizzard Introduces One-Time Password Devices For WoW

Posted by timothy on from the status-symbols dept.

An anonymous reader writes "Two days ago Blizzard announced that they will be selling keychain tokens to add one-time password support (FAQ) to World of Warcraft. Have compromised World of Warcraft accounts become such a serious problem, that OTPs are already neccesary for games?"

12 of 271 comments (clear)

  1. Not a problem... an opportunity by gbulmash · · Score: 5, Insightful

    Have compromised World of Warcraft accounts become such a serious problem, that OTPs are already neccesary for games?


    Probably more like Blizzard has decided that people paranoid about having their accounts compromised have become such a serious market segment that it can eke out a few more pennies selling these dongles for 6 euros a pop.

    If it was a huge problem, Blizzard would begin requiring them. The fact that they're optional means they're probably just a new way to sap a few more bucks from players who have invested so much of their time and being into this game that six euros seems a very reasonable security blanket.

    --
    Start a happiness pandemic
    1. Re:Not a problem... an opportunity by ZorbaTHut · · Score: 4, Insightful

      A cancelled account of mine got hacked somehow, and I only discovered it months later when I went to reactivate it. Blizzard basically said "sucks to be you, we won't do anything". My first level 60 character is gone forever, which makes me kind of sad.

      Blizzard will, apparently, not fix all problems.

      --
      Breaking Into the Industry - A development log about starting a game studio.
    2. Re:Not a problem... an opportunity by vertinox · · Score: 4, Insightful

      My best theory on how it happened is that I used the same account and password on lots of web forums, many of which have terrible security.

      There is your problem.

      I know we are all lazy when it comes to passwords, but you really need to keep different passwords for different things. It doesn't mean you have to keep completely different passwords for everyone forums so my personal rule is to have levels on how much I care about it being breached.

      Level 1: Random forums I don't trust or places I don't care if hacked.
      Level 2: Places I frequent that I trust and have a reputation, but its not going to kill me if my account is breached.
      Level 3: Stuff I pay money for. Like Online Games, Steam, utility bills, and cell phone plans.
      Level 4: Money. Banks. Credit cards. And/or anything that is serious business. This also includes email accounts attached to them which I keep completely separate passwords between accounts since it would be dumb to have the same password for your bank as your email. Also I tend to keep different passwords between financial institutions because I don't trust competency of employees and their laptops.

      The goal is to never use the same password between the levels so if one is breached the others are not.

      So if it is that important to you, then don't use the same passwords on untrusted sites or forums that use unpatched vBulletin or PHPbb. I mean... I don't even trust Slashdot.

      And it never hurts to paranoid and change your passwords every 6 months or if you just suspect something. Its not going to cost you anything other than mental exercise if your wrong, but it saves you a whole lot of grief if you are right.

      --
      "I am the king of the Romans, and am superior to rules of grammar!"
      -Sigismund, Holy Roman Emperor (1368-1437)
  2. can't beat stupidity by rewben · · Score: 5, Insightful

    Its not the system that has a flaw, its the stupidity of people for giving away their usernames/passwords for powerlvling etc.

    --
    Old programmers never die.. they just can't C as well.
    1. Re:can't beat stupidity by Akaihiryuu · · Score: 4, Insightful

      Wrong. The WOW servers have never once been compromised. It's not WOW that's being compromised, it's the *player's computers* that are getting trojan'd/keylogged. And the "lag spikes" and "random disconnects" are usually happening to people with wireless-N, which is *not a standard*...it's basically beta and has a ton of problems. And blaming Blizzard for WOW "causing" people's routers to reset? I don't care what kind of data you're sending out, if it causes your modem or router to reset, then the problem is in the device, not the game.

  3. The first thing that comes to my mind is... by Null+Nihils · · Score: 5, Insightful

    Why can I get this feature for a MMORPG account, but not from my bank, or any other banks I know of?

    I value my real money far more than imaginary swords, shields and armor that exist as bits in an entertainment company's database.

    Maybe some people's priorities are different...

    1. Re:The first thing that comes to my mind is... by maxume · · Score: 4, Insightful

      The trick is that companies C, D, E, F, G, H, I, J, K, L, M, N, O, P, Q, R, S, T, U, V, W, X, Y and Z also all value the dollars that exists as bits in company A's DB.

      --
      Nerd rage is the funniest rage.
  4. Re:Security Theatre by pipatron · · Score: 3, Insightful

    I'm not security unconscious either [...] no control over what other uses the computer you play on is put

    One might argue that a security-conscious person would not let any random people share his computer, unless it had a very safe multi-user system.

    --
    c++; /* this makes c bigger but returns the old value */
  5. Cheap by Anonymous Coward · · Score: 4, Insightful

    6 euro protecting 1000s of hours of time spent, it's a no brainer.

  6. Re:It's both by Opportunist · · Score: 3, Insightful

    That's actually not exaggerated. The average phishing server yields a quite interesting harvest of various passwords for various online games.

    It would already kill a lot of those "opportunities" for phishers if online game makers required different PWs for account and board. But appearantly selling one time pads is more profitable.

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  7. Long Term evolution... by Vapula · · Score: 5, Insightful

    Phase 1 : OTP is a plus that you may buy
    Phase 2 : A free OTPtoken with each WoLK extension sold
    Phase 3 : A collector edition with WoW+BC+WoLK+token
    Phase 4 : Mandatory token for all accounts

    That way, they cut the grass under the feet of the chinese farmers who sell ready to play accounts and to the reselling of accounts on E-Bay and such...

  8. Re:Also by jamesh · · Score: 5, Insightful

    And there's no evil in Blizzard charging two cups of coffee for an extra layer of protection. I'm sure they've spent oodles and oodles of cash in the past dealing with these issues, so there's nothing wrong with recouping past costs and helping to avoid a portion of future expenditures.


    I don't even think they are trying to recoup costs, it's just a token amount so that every single user doesn't click the 'give me a free token' button. People love getting free stuff, even if they don't need it (or is it just my wife that does that? Hi wife, if you are reading this :)