h1

Seri sez: It’s not paranoia if they really are out to get you.

May 7, 2009

It's a bird! It's a plane! It's the Battle.net Mobile Authenticator!This isn’t exactly breaking news, but the Battle.net Mobile Authenticator is now available for iPhone and iPod Touch. (More coming soon, I hope!) I’ve sung the praises of Blizzard’s authenticators before, so I will try not to be more redundant than usual. You might be surprised to hear that I don’t actually own one of those spiffy little dongles, given how passionately I spoke about account security.

What can I say? I’m cheap/lazy. Do as I say, not as I do.

The mobile authenticator, on the other hand… wow, they really ran me out of excuses this time. It’s free (which appeals to my frugal nature), it’s for iPhone (which is the only phone I have, Mr. Seri and I don’t even have a land line) and… did I mention it’s free?

Laziness did win out for a few weeks, but I finally got around to downloading the app yesterday and syncing it with my Battle.net account. It was very easy to set up; once you have the app installed it gives you a unique serial number that you plug into your Battle.net account (click “Change Security Options” after you log in to the Battle.net site) along with whatever the current security code is on the app. That’s it!

Once you’ve synced the app with your account, you’ll be prompted to enter a security code whenever you log in to your account so be sure you keep your mobile device handy. The code changes every 20 seconds or so, so you’ll need to be quick about typing it in before it expires.

This code is technomagical… it’s tied to your serial number in such a way that you can’t just use any authenticator to log in to an account that requires a code. You have to use your authenticator code, the one that’s tied to your authenticator’s serial number, or it just won’t work. For this reason, you have to be careful about doing anything that might change your serial number (deleting the app, restoring the device to factory defaults, etc) unless you log in to your account first and turn off the security setting to require an authenticator code. When you go back to turn it on, it will prompt you for a serial number again. Of course, a Blizzard rep can turn this setting off for you after verifying your identity… which I’m sure wouldn’t cost you more than a few vials of blood, a kidney and your firstborn.

Although Blizzard’s documentation indicates that you must have wi-fi access to use the authenticator, it seems to be working just fine for me over 3G.

I know that I’m probably going to have some ‘incidents’ in the future where I get annoyed with the inconvenience of having to dig my phone out just to log in (and I know for a fact there is going to be a problem with me forgetting my phone on my desk at home when I leave for work in the future) but I tell myself that it’s for the best. It gives me peace of mind, and keeps the grubby little paws of uninvited guests out of our guild bank.

Though, the irony hasn’t escaped me that my Battle.net account is now more secure than my online banking. Excuse me, I think I need to go change some passwords.

About these ads

11 comments

  1. They’ve been using this sort of thing for ages to put another layer of security on data. I mean, I’m working currently in the Health Care area and everyone uses something like this to protect HIPAA (That’s Health care Information Portability and Accountability Act for you non US Gov Speak people) covered information.

    I think Blizzard is the first to apply it to entertainment though.


  2. Nah, companies used to try to use ‘em as a piracy preventing tool. Didn’t last long, though, since they were freaking obnoxious and everyone hated them.


  3. @ Tarsus – I wasn’t trying to imply that the authenticator was a particularly novel/original concept. Yes, this sort of tech has been around a while. :)


  4. Thanks for the post, Seri! We’ve been using this technology for about ten years in the IT/Telecoms industry, primarily for logging into the work servers when you’re away on a business trip. It’s so good to see it applied to fun things for a change. I’m looking forward to battle.net rolling out fully in EU so we can start using it.


  5. Not sure if it’s my authenticator or the login system or me, but lately I almost always need to enter my creds 2 or 3 times before they’re accepted.

    I don’t think it’s me though, my fingers are the same size they’ve always been.


  6. I really want one of the (non iPhone) authenticators, but I’m also concerned about losing my authenticator (or having it break) and then not being able to get back into my account.

    The large number of items needed to prove identity to Blizzard (according to wowwiki) has caused me to not get one:

    * Your full real name.
    * Your full address including postal or zip code.
    * Your full email address (currently registered on the account).
    * Your account name.
    * The authentication key used to create the account.
    * Your Secret question and answer.
    * The last 4 digits of the credit card used on the account plus the expiration date OR the full code of a gamecard activated on the account.
    * A legible fax, scan or photo of a piece of government-issued photo identification, such as a passport or driving license matching the first and last name of the registered account owner.
    * A legible fax, scan or photo of the Authenticator token, with the code on the back fully visible.

    I’m not even sure how I would be able to provide some of those without having the authenticator. >_>

    I can’t convince myself that it’s more likely to have my account hacked then it is to have my authenticator malfunction.


    • Those requirements sound insane. I’m thinking that is an “either/or” list rather than a “provide all of the following” list.

      My bank has strong, and annoying, requirements, but they nowhere near approach that level of account credentials.

      My authenticator came in a little brown box with absolutely no documentation. I can’t believe they’d require a photo of the device itself.

      As for the game cards, I toss those the second I use them.


  7. Where are you guys?

    I miss my snark :(


  8. @ xavier – Fresh snark coming Tuesday & Thursday as usual this week. Both of us had the misfortune to fall ill last week. :/


  9. Ouch being sick is no fun.

    Awesome sight btw. Kick ass blog. Very entertaining, and full of humor.


  10. Man that sucks – hope you’re both feeling better. Don’t let my whining bother you :)



Comments are closed.

Follow

Get every new post delivered to your Inbox.

%d bloggers like this: