10/24/09, 9:51 PM
|
#1
|
|
Mike Tyson
Night Elf Rogue
Doomhammer
|
Warning for Guinss: 2. All opinions should be stated as succinctly as possible.
Post: Battle.Net Accounts and WoW
User: Guinss
Infraction: 2. All opinions should be stated as succinctly as possible.
Points: 0
Administrative Note:
Message to User:
|
Both overquoting and quote-splitting.
|
Original Post:
Originally Posted by Douglas
Be careful: no, it doesn't. It makes your account safer, but it cannot guarantee safety.
As more people start using them and the economic incentive to defeat them arises, attacks that work on them will appear. A low-hanging one is phishing. There are real Blizzard web sites that ask for your authenticator code. If you can trick someone into thinking they're at one of those sites, you can get one of their codes, and if you can use it quickly enough, you can do damage. If you can trick someone into giving you two "in a row", the attacker can even dissociate the authenticator from your account and then re-associate it to another authenticator, and then, yow.
|
Those who make theese scams can barely write english, i dont think it's gonna be a problem to see those fake sites.
Originally Posted by Douglas
A level far beyond that is, what happens when the hackers hack your ISP's DNS servers, and make your WoW client try to authenticate via servers Blizzard doesn't actually own? Certainly there are ways to protect against this, and I find it likely that Blizzard is doing some of them. But the upshot is, having an authenticator does not let you know that you're actually safe. You're safer, and that's all you can do.
|
That's where the launcher does its job. The launcher check for this and programs etc before running wow.
Originally Posted by Douglas
One of the reasons authenticators work as well as they do is, if you're using one, you're no longer in the "low-hanging fruit" set. There are so many people not using them that the economic incentive to attack them in earnest just isn't there. Why spend the effort (ie. money) when there are so many less-secure people out there? You don't have to run faster than the dragon, you just have to run faster than the gnome with no run enchant. If everyone were to start using authenticators, the low-hanging fruit would be "people who use authenticators but who are cocky about it and not careful enough".
Not trying to throw anyone into a panic. Not trying to convince anyone authenticators are pointless. I use an authenticator myself, and would advise anyone else to. I'm just trying to make sure that people really know: even with an authenticator, you still have to be prudent and careful. There's simply no getting around that.
|
Having an authenticator makes it so incredible much harder for a hacker to do their job. They would need your email, your password and a random digit code. I use an authenticator for my bank-services. Why do you think they use them? I'd say it's safe. Im not saying its foolproof.
|
|
|
|
|
|
Similar Threads
