Changing passwords frequently introduces potential security holes in that the new password may not be as secure as the old one. One such example is that the above user, Kerrianne, noted she uses a spreadsheet to generate a 16-digit password each week. With so many passwords, surely one could find a pattern of some sort. Each time that password is changed via the spreadsheet the chance of it being cracked is increased.In fact, the authenticator is unique in that it cannot be "undone" without the key which only Blizzard possesses, and which is different for each physical device. Furthermore, it takes physical access to retrieve as opposed to being data on a hard disk which can be accessed, possibly remotely in Kerrianne's case.
Use pass phrases, not passwords."When I strolled through the park on a cold sunday evening." (with punctuation)Is a way stronger, harder to guess and harder to crack than, but more importantly way easier to remember:"kfAUja92shoe2"You can vary the pass phrases on different web sites or games (like 'park' on World of Warcraft, but 'city' on Steam, etc).
I have 17 character password :DIt consists 9 letter word (of course in some odd foreign language most brute forces don't know), 4 random letter and 4 random numbers. Never ever got hacked in 8 years I've been using computer now :)Knowing something about password cracking, having moderately good password is enough, because the way 95% of passwords are cracked works like this:The cracker gets 5-10 most common passwords.The cracker gets list of thousands of accounts.The cracker tries those common passwords on every account.Then there are those dedicated ones, who choose account, and try whole dictionary on it. But it takes around month, so unless they REALLY want YOUR account, there is nothing to be afraid.
Also may i suggest getting a small sticky note and writing down a totally random phrase or code onto it.Example: If you have any wow cards, every pack has a UDE code card in it.a code such as HK3FQX80FWould be the start of the passcode. Combined with a uncommon phrase or language such as the word "Deutsch". (which means "german" if i understand correctly.)So the passcode should look like DeuHK3FQX80Ftsch This example password is registered as "best" On microsofts password checker It is also difficult to remember and exactly why you should get some stickies.Side note: If your desk is messy and already full of stickies then you dont need to hide the stickie, because people wont be able to tell the difference between some random codes and your lunch order XD
I use 1Password for all my passwords: http://agilewebsolutions.com/That allows me to use unique passwords for every webpage and service I use, very complex and up to 52 characters long.The only downside is that I obviously can’t remember them all, but I almost always have my iPhone (and thus 1Password) with me. And for WoW I also use Blizzard’s authenticator.
I purchased the Blizz authenticator. Have solid passwords, Not at all worried.
In summary, how not to get hacked:Don't have a moronic password...like "password", "dave", or "opensesame".Don't buy gold or power leveling. Not only do you encourage that vile, highly irritating and offensive, but sadly everyday part of WoW, you also run the risk of having your account thieved, and I would struggle to express sympathy if I knew that was the root cause. I say struggle, I mean would not, at all.Unbeknown to me at the time, my brother once purchased gold. I cannot WAIT for the day his account gets hacked, and I can say "I told you so".Everyone who perpetuates that disgusting industry deserves everything coming to them.Apologies for rant like nature of post - but it's all true.
WHOA necro time
This can't be a necro because the issue of account security never really dies out.Also, I hope none of you clicked that foreign link posted earlier...XSS attempt.
Everything needs a password, so much of a hassle.