This site makes extensive use of JavaScript.
Please enable JavaScript in your browser.
Live
PTR
10.2.7
PTR
10.2.6
Beta
Blizz Annouces the Authenticator!
Post Reply
Return to board index
Post by
41907
This post was from a user who has deleted their account.
Post by
Tyrsenus
Link
.
It doesn't say how this device "links" to Blizzard servers.
Post by
97210
This post was from a user who has deleted their account.
Post by
110423
This post was from a user who has deleted their account.
Post by
41907
This post was from a user who has deleted their account.
Post by
121748
This post was from a user who has deleted their account.
Post by
Sakkura
Looks like a very sexy idea. If the cost stays modest (like the 6.5$ it says), I would definitely use it.
Post by
Isen
I wholly approve.
I'm a very paranoid person, so something like this is a nice little security blanket to have. If Blizzard could lease this to Steam, that would be an extra helping of awesome. I'm always hearing about people having their Steam hacked....
Post by
125410
This post was from a user who has deleted their account.
Post by
11251
This post was from a user who has deleted their account.
Post by
Arideni
I'm quite sure they've thought about the overhead, considering 10 million subscribers. I can only imagine the revenue generated by this device, propagated by the RMT market. Almost as if they manufactured their own problem's "solution," no?
Post by
122668
This post was from a user who has deleted their account.
Post by
pelf
A problem I ran into way back when these were first used for security... Since it uses time synchronization, there is a possibility all dongles would generate the same output. It doesn't seem to specify whether or not different algorithms per device will be used or whether or not one algorithm (the "seed") will generate different results. If the only modifier is time, then anyone in the security industry will be able to tell you that
reverse engineering
is a nasty beast.
Another problem is that they are putting a
physical device
into the hands of the general public. I worry about how easy a 6 digit code will be to crack.
Not to mention the amazing amount of overhead they are going to have from people losing them. Excellent idea, however.
If the numbers roll over as much as every 30 seconds, that means you have 30 seconds to crack a sequence of 6 digits. That's 1,000,000 possibilities for configuration of /{6}/. I doubt you have as many failures as that :).
Also, each token has its own serial number and (ostensibly) its own seed. The server associates the serial number (which you have associated with your WoW account) with the seed it knows that particular token was started with. Then it predicts/calculates (based on time elapsed since that particular token was brought to life) what number in the sequence your token is on.
As for your implied question about algorithm: it would be the same random number algorithm for each device only differing by seed. For any particular random number algorithm, the sequence of numbers is always the same for each seed.
*
Having a physical "thing" is part of
two-factor authentication
. Something you know + something you have. It handily defeats pure password-knowledge-based attacks.
If you lose it, you get to pay them 6.50 again :).
*
Before someone corrects me on my assertion about random number algorithms: it's possible for an algorithm to generate
different
sequences for the same seed. In that case it's most likely that the algorithm is providing its own
salt
to the seed that you have provided to it based (usually) on something related to time.
Post by
102953
This post was from a user who has deleted their account.
Post by
Discover
I have several of these things for different types of services I use and places I visit and I /applaud Blizzard for adding this to their service. Great addition!
Post by
pelf
I have several of these things for different types of services I use and places I visit and I /applaud Blizzard for adding this to their service. Great addition!
Quite so. I have the Paypal/Ebay one that cost about the same as this one will. Outside of the cost of buying it, it doesn't cost me anything more than a spot on my second keyring, and the return is pretty significant.
Post by
Nargil
I found it quite strange that there was a small group of people on the wow general forums that were very annoyed/insulted at blizz for bringing these out.
Post by
LoboBiZARro
Having my account high jacked once, by a key logger I would assume, this is great. At least when my account was high jacked, it did not have a negative impact, other than the hassle of calling Billing (ugh!) to get my account back. But this, this is great. PayPal has it and it works great. Will definitely buy.
Post by
LoboBiZARro
I found it quite strange that there was a small group of people on the wow general forums that were very annoyed/insulted at blizz for bringing these out.
In 27 years of my existence, I have learned that there are some people who will always be against a crowd. You can't make everyone happy, you do stuff that helps one and does not help another, and some that just like to go against what ever you do to annoy. I'm pretty sure the last group is the one that is found in WoW in abundance. Especially on the forums.
Post by
128722
This post was from a user who has deleted their account.
Post Reply
You are not logged in. Please
log in
to post a reply or
register
if you don't already have an account.