Authenticators? diablo 3

[boiler]

Seeing as how this is my first Blizzard game since Warcraft III came out, I'm new to this whole Battle.net stuff. Some casual reading has brought up the topic of account theft, which led to authenticators. Anyone here use them? Would you recommend them? I picked a strong password that I don't use for ANYTHING else online and I'm sure I would catch any attempts at phishing.

 

Just curious if a mobile authenticator app on my droid would be worth it / necessary.

[JackieChan]

Mobile app is free and you don't need to enter the authenticator code every login. They just add another layer of security. Its not an "end all" to account theft, unfortunately.

 

Protip: passwords are not case sensitive

[Jerkoff]

Looking around I saw a lot of complains on how Dial Authenicator doesn't work or just fail to keep the account safe. I have the keychain mobile authenicator since I got hacked once before during my WoW times. Is extra security just for 6.50 or you can get the app one for free as Jackie mention.

[Flitterkill]

There is absolutely no reason why the mobile authenticator would be any less secure than the key chain/card version. Both do exactly the same thing.

 

I'm pretty sure I read the same stuff you did about the mobile auths being less secure - all nonsense and you'll note that all the hubbub about hacked accounts has died down alot now... They are keyed number generators. They all have a unique serial number, even the mobile ones you download. You must attach that serial number (from the mobile or the key chain/card) to your battle.net account. Once you have that done that's it - basic, secure two-pass auth security. Every 10 seconds or so a new number is generated based on your serial number. You have it with your phone app version or the key chain/card physical version. On Blizzard's end they have the exact same algorithm and since you attached the unique serial number to your account they can generate the exact same numbers you do with yours. And that's it.

 

Honestly, this two pass stuff would solve a lot of other real world problems - namely ATM and credit card hacking. Steal the card and pin all you want but if there is an authenticator behind it a fat lot it would do you.

[shift]

I use the mobile app.

[boiler]

Sounds like I ought to give the mobile app a shot. I don't plan on using the RMAH or anything, but getting my account hijacked and my stuff stolen would be a major PITA. If it keeps my account secure, then I don't care if it takes an extra 15 seconds to log in.

[JackieChan]

If you get the mobile app, it even works without having data enabled on your phone. So, even if you wanted to, link it with an old android/ios phone that you don't use anymore and use it strictly for the authenticator.

[Jerkoff]

Flitter, there are two different kinds of Authenicator and you might have got the wrong idea from the one I'm talking about. One is the Mobile APP Authenicator that you open to get a code from it. The DIAL in one is where you have to call in the number and then they give you the code. The Dial In Authenicator has been reported with issues by many and some from admins too...or so I believe from what I've read.

 

Key Chain Mobile Authenicator - Cost $6.50, push of a button and code comes up

Application Mobile Authenicator - Is all free, gives you code when you open it

Dial In Authenicator - Is also free also but you have to make a phone call they give you and then a pin number.

[Flitterkill]

Yep, my bad. Though why people are complaining about the dial-in auth when Blizzard already said it wasn't set up to work with D3 in the first place...