#0 - Nov. 10, 2010, 7:51 p.m.
I tried to log into my account from a starbucks (I do this on a regular basis, maybe 2-3 times a week.. it might even be a different one each time).
I was immediately informed that I had to check my email address for more information on unlocking my account due to it being locked because of suspicious activity.
I was required to change my password on my account via a link in my email. When I clicked this link, I was redirected to https://us.battle.net/account/support/password-reset-confirm.xml?ticket=XXXXXX (with the XXs being the ticket number?).
There are two boxes there, one that tells me to type in a new password and another that said to confirm my new password by typing it again. When I typed them in, my password was immediately changed.
This new thing you have going totally bypasses every security that you already have in place.. I was not asked for my old password and I was not asked for my authenticator.
So if my account really was being hacked or whatever... most likely they also have my email address and they can just change my password like that?