authenticator

Over the weekend my Blizzard Authenticator arrived. I missed ordering one when they first became available, but was able to order one when they became available for a few hours on July 11. I believe it's a tiny price to pay for the added account security.

There are already a few write ups and pictorial tutorials on how to get this working with your account so instead of repeating what has already been done, I'm just going to link to Aurdon's post at I Sheep Things because he even has a little video on it.

To you multiboxers out there, once you link your accounts to the same Authenticator, you could use the same code on all your accounts as long as you log in to all of them within the time before the code changes again (something like 30 seconds).

Just a quick note, but if you haven't heard already, the Blizzard Authenticators are back on sale again (at least as of 8:30am PST). I just ordered mine. So if you didn't get one the first time and wanted to get one, hurry before they run out again.

I've heard that the Blizzard Authenticators are arriving for those that were lucky enough to order them before they sold out. A post from the multiboxing community show that linking multiple accounts is not a problem, and that if linked to all accounts, one code could be used if logged in simultaneously. I wonder how long a time could lapse between logging into multiple accounts before a new code needs to be entered for the subsequent accounts? I wish I could test that out but since I don't have one yet I'll have to ask over at the Dual-boxing forums.

Update: As long as you could log in within the time between the authenticator automatically changes it's code (30 seconds), you could log into the accounts your authenticator is associated with. It's not that big a deal but as a multiboxer I just wanted to know.

I went to order one of those Blizzard Authenticators and to my surprise they were sold out. I wonder how many they had made and whether they just underestimated the potential demand for those things. I'm going to keep checking back to see when I'll be able to order one.

I saw over at Big Bear Butt that he was able to order one yesterday, so it only took a day for them to sell out. I'll have to keep an eye out for his report on it until I could get one myself.

Here's a blue post on the official forums.

Today, Blizzard announced the Blizzard Authenticator. It's a hardware "token" that would provide a second level of security to your WoW account if you choose to participate and purchase the device. Check their FAQ for more information. It's basically an RSA SecurID token or something very similar.

Blizzard recognizes that better account security means implementing more factors into authenticating that the person logging into the account is really the owner of that account. The introduction of the Blizzard Authenticator is really a step in the right direction. We are all currently using a single factor authentication scheme (i.e. passwords). This device along with your account password introduces two-factor authentication. The more factors the better (there are three). The third factor may be a little hard for Blizzard to implement at this time; biometric (e.g. fingerprint, voice, retinal pattern, or DNA).

However I'm wondering if Blizzard can't implement something similar without asking people to spend an additional $6.50 for this hardware device. How many of you have a mobile phone? Do you always have your phone with you? Would you be less inclined to lose or forget the location of your mobile phone than this device?

So why can't Blizzard set up a means for us to use our mobile phone as an second factor authentication? Imagine that you log into your account as you usually would, but then another box appears for you to enter a number sent to your mobile phone. It's similar to the way the Blizzard Authenticator would work, so why not use our mobile phones?

I hear that Blizzard are already testing something like this idea in Taiwan but I have yet to verify that. I'm sure Blizzard has put a lot of thought into this and have determined that this was the better solution for now. So what do you all think, can your mobile phone act as your second factor authenticator?