WoW Security Dongle Planned?

[Toytown]

Blizzard is considering implementing a voluntary security system for World of Warcraft. This system would generate passwords that you could use only one time. Because your password would constantly change, your account would be more secure. If a system of this type were to be -implemented, how interested would you be in using it?

* Disconnected Token. A disconnected token is a physical object that will fit on your keyring or in your pocket. Questions regarding security systems Blizzard have been looking at:
* It has an LCD screen and a button or keypad. When you press the button or keypad, it will display the password on the LCD screen. It runs on batteries that will last for years. For security reasons, the batteries can’t be replaced when they run out.
* Connected Token. A connected token is similar to the Disconnected Token but has one more level of security. It connects to your computer either through a USB port or through a wireless connection to authenticate your token before generating a new password which you will then be able to enter into your account.

* Software Token. A software token is similar to the Disconnected Token except that it is not a physical object on your keyring or in your pocket. Instead, it is a software application installed on a portable device that you already own, such as a cell phone, palm pilot, portable music player, Windows Mobile device, etc.

http://forums.worldofwar.net/showthread.php?p=3852132#post3852132

Whilst i understand the advantages it gives to security for the account, i just dont see this being such a great method. I already have a

"Disconnected Token" for my Corporate VPN login.
"Disconnected Token" for my Online Banking.
soon to have a "Disconnected Token" for my Paypal

So you can see, i dont want to walk around with 20 key fobs in a year or two, just so i can access my stuff.

 

[markt435]

omfg....

 

[LordVampyre]

big brother at his finest!!!

 

[Martyr]

i think a more effective solution would be a bat applied to the upside of the head of people dumb enough to click keylogger links or to give out their passwords to china for leveling services.

 

[Draax]

i think a more effective solution would be a bat applied to the upside of the head of people dumb enough to click keylogger links or to give out their passwords to china for leveling services.

For Blizzard to even consider implementing something like this, I would think keylogger links are not the only way passwords are being stolen in WoW.

 

[CodeX]

Project Entropia did this years ago.

 

[Luxor]

....One word.

"Wow."

 

[Obi_Kwiet]

It's a service, it's not mandatory people.

 

[Crapinapale]

big brother at his finest!!!

Uhh, I disagree. Big Brother would be monitoring software,which isn't what this is. Also, Big Brother would be something that you don't have a choice toward, and in this case you've actually got two tiers of choice; One of choosing to play the game (yes, it is a choice) and two of using this service.

Not really big brother at all.

 

[chronic9]

if it was CHEAP, i would sign up for it.

i never knew paypal made a token... can you link me to that site?

 

[BinarySynapse]

if it was CHEAP, i would sign up for it.

i never knew paypal made a token... can you link me to that site?

It was on the front page news yesterday I think.

Maybe someone could invent a dongle that can be utilized for multiple sites. Just download a file that updates the dongle to generate keys for each site you need to use it with.

 

[AC!D-RXN]

Maybe someone could invent a dongle that can be utilized for multiple sites. Just download a file that updates the dongle to generate keys for each site you need to use it with.

Only problem is, if that gets compromised, you are screwed X 10

 

[Shivetya]

i think a more effective solution would be a bat applied to the upside of the head of people dumb enough to click keylogger links or to give out their passwords to china for leveling services.

Actually you do not have to click anything to get hit with a keylogger, recently two UI addon sites were afflicted with keyloggers embedded inside of GIF based ads.

Worse, only certain AV programs caught it (AVG 7.1 did not catch it on one of my machines but Blizzard caught it)

 

[Draax]

I also seem to recall, at the end of the WoW beta, someone got a hold of the CMs passwords on the forums and was posting as them. Now anyone who plays WoW knows that your login to the game, is the same as your login to the forums. So lucky guess on a CM password? or backdoor? you decide.