Account compromised following auth switch

#0 - Nov. 15, 2010, 3:49 a.m.

Short version of the story - my account security was violated today as a result of a hacker logging into my account on Battle.net, allowing them to verify that they had my client password. They took quite a bit of stuff out of our GB. My account has been reset since, and my restoration is in progress.

It seems like the dial-in authenticator doesn't perform its security checks through the Battle.net Website, and only through the game client? If that's the case, then its ability to protect the account seems hindered.

(I've switched back to the mobile authenticator and have advised members of my guild to do the same.)

Vrakthris

#3 - Nov. 15, 2010, 4:37 a.m.

The Dial-in Authenticator is the latest addition to the ever increasing layers of protection that we are trying to provide players, Astagerus. This system will look for activity outside your normal pattern. There are many actions that can fall within an accepted parameter and over time the system will be tweaked to have greater accuracy. If suspicious behavior is detected and the account becomes temporarily locked the Dial-in Authenticator allows you to call in and validate your play session by phone, that is all.

It is an option for those who may not be able to or want a physical or mobile Authenticator. Those two devices would still be the better options as they are asked for each and every time, guaranteed.