Blue Tracker
World of Warcraft Blue Posts
Diablo II: Resurrected Blue Posts
Diablo III Blue Posts
Hearthstone Blue Posts
Overwatch Blue Posts
Heroes of the Storm Blue Posts
Diablo IV Blue Posts
BlizzCon Blue Posts
Warcraft Rumble Blue Posts

Password Complexity

Forum Avatar
Ratfink
#0 - Sept. 25, 2010, 7:43 p.m.
Blizzard Post
Why can't we use special characters in our passwords? My account was hacked a few months ago and it was NOT due to any spyware running on my system. I did a full system scan with 5 different programs looking for keyloggers, bots etc etc and they all came out clean. Someone obviously either got my password using brute force or hacked blizz. I think that if blizz supported characters like *,#@$% the password hack would be much harder from a brute force attack type scenario.

Forum Avatar
Nevalistis
#10 - Sept. 25, 2010, 11:09 p.m.
Blizzard Post
Certain (though not all) special characters are allowed, Ratfink. You can see the password rules here:

Changing a Battle.net Password
http://us.blizzard.com/support/article/25901

If you scroll down and take a look at the screenshot, there's a list of Password rules there. They include:

Password Rules

    * Your password may only contain alphabetic characters (A–Z), numeric characters (0–9), and punctuation (!"#$%).
    * Your password must contain at least one alphabetic character and one numeric character.
    * You cannot enter your account name as your password.
    * Your password must be between eight and sixteen characters in length.
    * For your security, we highly recommend you choose a unique password that you don’t use for any other online account.


I can assure you that at Blizzard, we have not been hacked. If that situation ever arises, we will absolutely inform our players - it is required of us to do so.

There's a variety of ways that a password can be obtained. Some of the most common are phishing attempts, both in game and via e-mail. Others can be malware, as you've suggested - you may also want to run those scans with your World of Warcraft launcher open and try typing some gibberish into the name and password entry fields.

You might also benefit from reviewing our Battle.net Account Security Awareness site - there's some helpful tips on how to keep your system secure as well as information on how most accounts are commonly compromised.

Battle.net Account Security Awareness
http://us.battle.net/security/