WoW Authenticator Keyfob

This isn’t even vaguely pet related, but nevertheless I think it’s neat. Blizzard has announced the Blizzard Authenticator, an electronic device that “offers enchaced security for World of Warcraft accounts”.

Basically, it’s like an RSA SecurID keyfob that you can associate with one or more WoW accounts. After it’s associated with an account, you need both your normal login info (account namd and password) plus a 6-digit keycode that is generated by the keyfob on the spot in order to login.

The keycode that is generated changes every so often (like once a minute) and is valid only once. This pretty much breaks the usefulness of keyloggers for getting into your WoW account, since by the time they log your code it’s no longer valid.

Of course, this also means that you need to physically keep the fob with you in order to login. Don’t lose it! But I’ve used an RSA SecurID for many past jobs, and I have one for the contract I am working now. They actually offer a pretty good intersection of convenience and security.

Blizzard has posted a nice FAQ about the Authenticator on their Support website. I’m looking forward to getting mine. (The FAQ says that US customers can order one from the Blizzard Store for $6.50, but they don’t seem to be available yet.)

16 thoughts on “WoW Authenticator Keyfob

  1. Drotara

    I think it’s a great idea. Although I consider myself careful with how my computer and my wife’s computer are run, I always worry just a bit about that kind of stuff. Looking forward to getting them too.

  2. batgrl

    From the FAQ it sounds like it’s a one time fee that we can then make use of for all our accounts – and since we have more than one, that’ll be a handy thing, especially since all our computers are in the same room. Of course it does ramp things up a bit for the keyloggers – makes me wonder what strat the gold stealers/sellers will try next. I started to wonder whether this should just be offered to all subscribers if it’s supposed to be useful. But then again, not all subscribers would want to use this anyway, and I’m sure some gamers would just think it was a bother to have to keep track of a fob.

  3. Shelgeyr

    I think this is a great idea, having used similar authenticators in the past as well, and have already been mentioning them on the websites of the guilds I am a member of to increase awareness (since not everyone checks out Blizzard’s pages!). Hope they are not too long in coming to the on-line store.

  4. PepsiJedi

    Sounds good in theory, but discussing it with some people in my guild tonight, the technology is anything but perfect. Apperently after a few months the little fobs start to ‘loose sync’ and eventually are not calibrated to the rotating number thingie you need to get in.

    I’ve only used one of these things a few time but he’s in the military community in DC so…. I kinda take his word. He said it was annoying to the point that the military stopped using them due to flubups and what not.

    So while I applaude Blizzard’s thinking and stuff I’m curious to see some tests before I sign up.

  5. Suzi

    It does sound interesting. I’m looking forward to the WWI this weekend when others can try them and report back on how well they work. I’m also sort of glad it’s optional because not everyone would want to bother (although I think it’s worth the time to do if it makes me feel like my account is a little more secure).

    I like that it can be used on more than one account and anywhere in the world. That doesn’t really make much difference to me but I know of other people who have several accounts or travel a lot so I’m glad that they’re not restricted.

  6. Dmok

    Can’t say I’m overjoyed at the possibility to pay more money to Blizz for something that (to me) should have been secure in the first place. If you get keylogged … l2internetbetter? I don’t know, to me this whole thing shouldn’t really be that big of an issue. People do online banking and stuff like that all the time. That stuff doesn’t suffer from keyloggers and the like.

  7. Vanyalosswen

    I read a blog entry listing some various possible keylogging protection measures, and they seemed pretty nice, as well as requiring no extra physical objects that players would have to buy and hold onto.

    Depending on what kinds of security systems the people at Blizzard have access to, the keychain idea might have seemed more intuitive. Maybe the developers themselves use them to log into their coding software. I still can’t help raising an eyebrow at the fact that they’ve chosen a method players have to pay for.

    Article at

  8. ChessElemental

    This isn’t even vaguely related to the post, but on the Petopia main page it looks like the white cat that’s sitting is floating slightly above the floor.

    Just so you know.

  9. Ketari

    PepsiJedi – the cheap ones tend to last a few weeks, ime

    You can get ones which are a lot more robust, but you’re talking $20, not $4

  10. Zack

    Just a heads up, they’re now available at Blizz’s store. Just shy of $7 after tax, and no shipping cost on ground delivery.

  11. batgrl

    “I’ve only used one of these things a few time but he’s in the military community in DC so…. I kinda take his word. He said it was annoying to the point that the military stopped using them due to flubups and what not.”

    This is very close to the complaints I once heard about using the swipe card technology that is used at many companies to keep buildings secure. I can remember working at one company where the employees would prop the door open, complaining that keeping track of id cards to open doors was too much trouble. But that was some years ago. Most of the places I’ve worked in the past few years? All use similar card swipe-door opens system. (And one of those was a government job.) So, perhaps this keyfob system will take a similar warming up period.

    “People do online banking and stuff like that all the time. That stuff doesn’t suffer from keyloggers and the like”

    Hacking occurs in all systems, and techniques used to hack Wow accounts have been used for other theft. Security folk will admit that systems are breached – but tell you that their job is to make sure that it’s quickly stopped and more importantly not made public. And DEFCON is a very informative convention if you want to learn more about this kind of thing, and perhaps get a job in system security.

  12. Pingback: Mania’s Arcania » Authenticator Arrives

Comments are closed.