While I was away for several days my World of Warcraft account was hacked. I used a "strong" password and given that I'm stringent about security upon my own system and email, it became apparent that blizzard doesn't do anything to disallow repeated password failures from "strange" IP address locations.
For instance, for the past several years of being a customer I have indeed changed my password often and to complex or difficult passwords. In addition to that I have never logged in outside of my home state or ISP. One would think then that after they sent me a free "Authenticator" at my SAME home address that has ALWAYS been registered to my account since the first day I signed up, that the act of then registering the same serial number of that keychain to my account after it's delivery would suffice as identifying me as still in control of the account.
Anyway without offering the ability to bind logins to an ip or region there's very little point in even realisticly having a password, In addition the authenticators are actually very weak if a victim did suffer a keylogger. Once you captured enough authenticator transactions you could likely deduce the base key used to generate the number string used as input. Then if you studied the autheticator itself it could be reverse-engineered into an authenticator "Enigma Machine". I should also state that as long as it was done long enough and discreet enough currently a malicious hacker could just cycle ip addresses and hammer random passwords and eventually grab many accounts regardless of how well protected they are. I should also state that there is software out there that can easily defeat almost, if not ALL "captcha" text systems.
To make a point, when you generate a key with the authenticator app/keychain the number generated isn't the only number that will be valid because the keychain has no way to communicate/reset/randomize the variable that actually controls the numbers generated because that very variable is derived from a non-randomized "Key".
I do NOT endorse malicious activity to any degree and also DO NOT condone such activities and state these things so that the less informed customer may become better informed about how easily an account can be lost. I never bought gold or anything else from anybody, never broke a rule, and always changed my password.
Also during the days,weeks,months that some automated program tried to chip away at my password from a foreign country, you mean to tell me nobody noticed the massive failed attempts that must have occured?
Be aware and be safe and my suggestion is that if this happens to you do NOT turn over all of your personal and or private data to Blizzard, as the two methods they allow you to provide them with private data(photo Id,etc.) are through fax and phone. Both of which aren't assured to be secure to any degree.
Either way they did me a favor which is why I don't give them a 1, at least after leaving wow and blizzard behind I at least have time to enjoy making music.
I got into paypal becauseI originally wanted to useit for online gaming as a buffer for any real financial information exchange. However with no mention on the package there is a true catch-22 they employ on new users.
So the rub? Once your "Greendot" funds are added to Paypal they are subject to different terms and conditions. Paypal then freezes said funds and insures that while in fact your funds are in your account you can't access said funds until you provide all of your financial and personal data to Paypal. I don't mind providing SOME info for tax reasons, etc.
All it takes is a single interception of private data to ruin your fun and in fact it's why I closed my Blizzard account and won't return due to serious concern about how Blizzard operates their website and account security.
I was able to get immediate support in live chat from email@example.com when I THOUGHT my key was invalid but it seems EADM was merely glitched. Filip was patient and polite and gave me the correct answers immediately, half my ineptitude , half EA's.
And to mention I received BOTH keys clearly labeled and in one single email. Will return there again when I find something else to buy.
Connect with Facebook to get one click access to Trustpilot. It's easier.Sign up with Facebook