Blue Tracker
World of Warcraft Blue Posts
Diablo II: Resurrected Blue Posts
Diablo III Blue Posts
Hearthstone Blue Posts
Overwatch Blue Posts
Heroes of the Storm Blue Posts
Diablo IV Blue Posts
BlizzCon Blue Posts
Warcraft Rumble Blue Posts

Password not valid

Forum Avatar
Evilmuffin
#0 - April 10, 2009, 8:53 p.m.
Blizzard Post
Okay I don't know what is going on here. I've scanned my entire PC, and it's completely clean. After maintenance on Tuesday I went to log in and it said my password was not valid. So I went to the WoW website to change my password, I put in my account name and email and had it reset. I changed my password to something different because I was scared I was being hacked (none of my characters had been logged in or been touched...yet). I continued to play like normal.

So today I went to log in and it said my password is not valid AGAIN. I just did all of the above again, PC is clean and my password is now reset/changed.

Why does this keep happening?
Forum Avatar
Syndri
#13 - April 11, 2009, 6:35 p.m.
Blizzard Post
Although you changed your previous email's password following your first compromise, Evilmuffin, it's still possible that the physical address was known. This element in conjuction with a lucky SQ/A or CD key guess may have left your account vulnerable.

With that said, if you've followed those recommendations provided within our two stickies in full, you've bolstered your security significantly. Stick with those scans and run them weekly. Keep checking our online store for incoming shipments of Blizzard Authenticators (early morning hours are usually best) or, if you've an iPhone, consider downloading our Mobile Authenticator application. Also be sure to keep your new email as isolated as possible.

You're taking a proactive approach to this incredibly frustrating situation, and I do applaud you for it. I assure you that our staff will work diligently to get you back on your feet and your account in working order once again. If you've any questions in the meantime, though, please let me know. I'm here for you and happy to help.


PS - Be sure to confirm that email change, too. Your new email won't be fully registered until you do. :)
Forum Avatar
Syndri
#19 - April 11, 2009, 9:05 p.m.
Blizzard Post
Here are some solid tips to practice at home, Evilmuffin:

  • Complete operating system updates regularly (preferably as they become available).
  • If you use FireFox, install NoScript and run it consistently while browsing.
  • Run antivirus and anti-spyware scans weekly.
  • Select a secure password and change it periodically.
  • Never willfully share your login and password. Even friends, family, and significant others can place your account at risk.
  • Be aware of "phishing" emails and websites, and do not to respond to any invalid requests. Remember that a Blizzard Employee will never ask for your password.
  • Monitor the availability of your email address and do not post it publicly.


Please note that if your email address was compromised—which, based on your testament, appears to be the case—your account would be placed at substantial risk, particularly if any elements of your email address (username, password, etc) overlapped with that of your WoW account. Working to maintain an independent and isolated email is thus one of your greatest tools.

If you feel it necessary, however, you may wish to reformat your system. While this will successfully remove any potentially hidden malware (provided that you do not do a system restore), working to protect that "clean slate" can be accomplished by those steps above. :)