I seriously doubt anyone is trying to brute force attack accounts of an mmo. It would take so many attempts spread over an extremely long period of time (can only attempt to log in at the speed of the launcher) just to get 1 account it isn't realisitic. It is also unrealistic to assume that a company wouldn't have some account lockout system in place to handles accounts tha exceed hundreds of thousands of failed login attempts.
Also, a strong password is meaningless to a keylogger or trojan. Computers could care less if a word is real or a scrambled sequence of letters and numbers.
No I have a wife and 2 kids that play. You miss the point I've played since vinella and now I've been violated
not just in game but my personal life also. This goes way beyond just being butt hurt I've been hacked about 4 years
ago then it was just a game getting hacked, but this time its not just a game its personal.
Sooo, you were hacked before , well before they gave up email addy's as log ins. Now you get hacked again and it is their fault. Seems like you would get hacked no matter what happens. Ive been playing since beta ... never been hacked, fiance hasn't either. Maybe we are just lucky but I believe alot of it has to do with protecting ourselves and doing the smart thing. Most people "think" they do the right things. Most people "think" they have not compromised their accounts, when they have. And most people will "never" tell you they screwed up and will blame their problems on someone else.
I seriously doubt anyone is trying to brute force attack accounts of an mmo. It would take so many attempts spread over an extremely long period of time (can only attempt to log in at the speed of the launcher) just to get 1 account it isn't realisitic. It is also unrealistic to assume that a company wouldn't have some account lockout system in place to handles accounts tha exceed hundreds of thousands of failed login attempts.
Also, a strong password is meaningless to a keylogger or trojan. Computers could care less if a word is real or a scrambled sequence of letters and numbers.
I agree completely. I was only responding to the first person who said that they "must" have clicked on an email and that they are a complete idiot. While it is likely something on the users end, not everyone that plays WoW is an IT security expert. There are also others ways. I agree even in my own case that it was likely some variant of my password that I used somewhere else. I just hate the typical "you are an idiot and clicked the linx noob" mentality. Sometimes I forget that posters here can be very young. I used to defend this site and its forums and suggest that there was good conversation. I guess I should add the caveat that it is as long as you avoid the WoW portions of the conversation which is an over generalization on my part of course.
I just find it funny how in a day i wasn't getting no fake mails from blizzard to another where i have registered a account at blizzard... makes me wonder... are they selling their customers e-mails to these scammers to increase profit somehow ?well... i don't know, but same thing happened after i created a aion account... after it was done.... in less then a week i started get more fake emails.... wonderful...
People don't get hacked. Stop using the word "hacked" in cases like these.
Either people get scammed from buying an account, they gave their password out to friends/family or they have clicked on a link/downloaded a keylogger.
Dude. No you don't. You keep the same email for everything else and make a brand new email JUST for your WoW account. That's what I did and it's worked wonders. Plus, when you start to see all the fake blizzard emails still going to the "old" email and not the new one, you know it's working. Give it a shot.
I never had a Wow account and still get those mails so you can get them anyways.
But the real problem anyways is answering those mails, just ignore anything that want you to log on anywhere except in the game and you'll be fine and never give away your password to anyone including "Blizzard".
Not true unfortunately. It just happened to me as I posted. I never entered the password anywhere and do not ever click on links in e-mail. I call the person or go to the web page myself. Still. Someone with enough time will try every email and password combination. I never bought gold, never clicked on a link and do not use the same password and log in for anything else.
And this is true for any system that uses a username and password. The thing is being smart about choosing your password. The longer your password, the more different characters and symbols you use will greatly increase the strength of your password.
You can actually reach a point with your password where it would take a brute force hack many years to break through.
As far as the reason behind using emails for username within battle.net it was actually a fairly smart move. You would be greatly suprised by the number of MMO players that forget there username. A VAST majority of CSR calls involve someone that has lost there username or in most cases username(s). Using a email address vastly cuts down on it since most people do not forget there email address.
Also you can call Blizzards CSR number and get your email address changed on your account. You are going to need a fair amount of personal information in order to do so, but it is something that can be done.
As far as there phones always being busy.. You have to take into account there are only a limited number of CSRs. Since I have personally worked at the same call center that does Blizzards Phone support, I can say the number of people are indeed limited. Last numbers I had was around the 200-250 active phone CSRs at the Call Center I worked at. The number does change all the time so it could be more or less. Average phone call is going to run around 15-30mins depending on the issue and if the customer has all the information needed to verify they are who they are. When you take that into account and factor in that there are over 4 million NA customers (World of Warcraft Subscriptions) and over a Million SC2 accounts. Thats alot of potential calls.
You might be asking why doesn't Blizzard just hire in more CSRs. Have you looked at there website? They have been for the last 4 years. But being a CSR takes a very special type of persona and not everyone can deal with handling 20+ angry people in a 10 hour stretch of time. I've seen many people come and go in the call center industry and more people tend to go then come in. Average turn around on a call center CSR is generally a 1 year period. If they make it past that 1 year mark you generally have someone that can hang in for the long hall. It generally takes a month of training to get a new CSR upto speed with the tools and procedures that the call center uses. Then about 2 weeks of on the floor training followed by monitoring for atleast another month before they are fully let loose.
People tend to think being a call center employee is a great job. Setting in a cube all day playing on the computer, ect. Well it's anything but that. Imagine having someone endlessly yelling at you to fix there problem for 10 hours straight. Sometimes you get that nice person on the other end of the line but its generally very rare and they always want YOU to fix there problem even if its something you can not personally fix.
I just find it funny how in a day i wasn't getting no fake mails from blizzard to another where i have registered a account at blizzard... makes me wonder... are they selling their customers e-mails to these scammers to increase profit somehow ?well... i don't know, but same thing happened after i created a aion account... after it was done.... in less then a week i started get more fake emails.... wonderful...
Oh yes, because Blizzard a company that makes more pure profit then most other wants to make even more money by increasing the work they have to do? That makes a whole lot of sense doesnt it!
I mean just for a second think about it. How much do you think they would make off of selling there customers accounts to scammers? Now think about how much money they have to sink into fixing each account of there customers.. To fix a customers account in World of Warcraft is going to cost them atleast $30 a character. You going to have the customer deal with a entry level CSR thats getting paid $9-$12/hour and its going to use up atleast 30 mins of there time. Then you will have to have a higher up CSR look into the account to make sure it was a legitiment hack / issue. Thats going to take atleast another 30 mins from someone making $12- $14/hour. Then they have to go in an start the restore process and then followup to make sure it was done correctly. Another 30 mins of someones time.
Then there is always someone higher up that checks all the restore logs to make sure the CSR's are not abusing there powers.
Yeah I can really see ther being a huge business there selling accounts out to scammers. I highly doubt that account security is anything but a profit area for Blizzard. If anything I bet they spend out millions a month dealing with account security. Thats millions they could be making instead of spending.
Blizzard isnt the only game company that uses this style of accounts they are copying a system that is known to work. Turbine, Sony, and NCsoft use a master account system to connect multiple games to 1 accoun. if you want to get technical Sony is the first company to do use this style. so its not a fail if you use a difficult password. its only fail if you use the same password for every internet account you use. for me every account i make has a uniquie password for it. Also install a virus scanner and spy war scanner and have them run atleast once a day.
"Possibly we humans can exist without actually having to fight. But many of us have chosen to fight. For what reason? To protect something? Protect what? Ourselves? The future? If we kill people to protect ourselves and this future, then what sort of future is it, and what will we have become? There is no future for those who have died. And what of those who did the killing? Is happiness to be found in a future that is grasped with blood stained hands? Is that the truth?"
Hmmm? well thats just it I now have to change my email. I also have to change it
with everything and everybody that I work with. So ya becuse Blizzard came up with the great
Idea to make me use my email as my log in now I have to tell everyone I work with I have a new
email becuse I got hacked playing a vedio game. If I was new to the game I would have as I do now
use an alternate email however that wasn't allowed and when I signed up I used my everyday email.
Dude. No you don't. You keep the same email for everything else and make a brand new email JUST for your WoW account.
rofl that defeats the purpose, which is to make sure you can get access to your account if you forget your password, this ensures you don't also forget what email it will be sent to.
You should also have the option to have it remember your password like websites do, the less info you type into a keyboard on your PC the safer you are.
Blizzard isnt the only game company that uses this style of accounts they are copying a system that is known to work. Turbine, Sony, and NCsoft use a master account system to connect multiple games to 1 accoun. if you want to get technical Sony is the first company to do use this style. so its not a fail if you use a difficult password. its only fail if you use the same password for every internet account you use. for me every account i make has a uniquie password for it. Also install a virus scanner and spy war scanner and have them run atleast once a day.
Yeah, but the other company's don't use your email as the user id. The problem is if you
do get stupid and didn't change your email to a special gaming email . Now your constantly
getting phishing emails. Emails are attatched to accounts just fine with joe bloe as user ID
I've still not seen anyone say why its a good Idea to have an email as a user id.
Thats why I blame Blizzard they are tech people they should be looking out for us. I don't
have an entire multibillon dollar company that has to fight internet crime daily they do and
it was a dumb idea to use email as user Id , they also got stupid about reall ID use on there
forums (just another poit) thank the omg they didn't do that.
Blizzard isnt the only game company that uses this style of accounts they are copying a system that is known to work. Turbine, Sony, and NCsoft use a master account system to connect multiple games to 1 accoun. if you want to get technical Sony is the first company to do use this style. so its not a fail if you use a difficult password. its only fail if you use the same password for every internet account you use. for me every account i make has a uniquie password for it. Also install a virus scanner and spy war scanner and have them run atleast once a day.
Yeah, but the other company's don't use your email as the user id. The problem is if you
do get stupid and didn't change your email to a special gaming email . Now your constantly
getting phishing emails. Emails are attatched to accounts just fine with joe bloe as user ID
I've still not seen anyone say why its a good Idea to have an email as a user id.
because your more likely to remember an email than a username. it took me a solid month to try to remember the user name and password to my AIM Account when i tried to think of the email it was attached to i was able to get everything back.
"Possibly we humans can exist without actually having to fight. But many of us have chosen to fight. For what reason? To protect something? Protect what? Ourselves? The future? If we kill people to protect ourselves and this future, then what sort of future is it, and what will we have become? There is no future for those who have died. And what of those who did the killing? Is happiness to be found in a future that is grasped with blood stained hands? Is that the truth?"
Blizzard isnt the only game company that uses this style of accounts they are copying a system that is known to work. Turbine, Sony, and NCsoft use a master account system to connect multiple games to 1 accoun. if you want to get technical Sony is the first company to do use this style. so its not a fail if you use a difficult password. its only fail if you use the same password for every internet account you use. for me every account i make has a uniquie password for it. Also install a virus scanner and spy war scanner and have them run atleast once a day.
Yeah, but the other company's don't use your email as the user id. The problem is if you
do get stupid and didn't change your email to a special gaming email . Now your constantly
getting phishing emails. Emails are attatched to accounts just fine with joe bloe as user ID
I've still not seen anyone say why its a good Idea to have an email as a user id.
because your more likely to remember an email than a username. it took me a solid month to try to remember the user name and password to my AIM Account when i tried to think of the email it was attached to i was able to get everything back.
That can happen. I've done but now I just write what I choose on the game box , book or disk case. Also until now
Yeah, but the other company's don't use your email as the user id. The problem is if you
do get stupid and didn't change your email to a special gaming email . Now your constantly
getting phishing emails. Emails are attatched to accounts just fine with joe bloe as user ID
I've still not seen anyone say why its a good Idea to have an email as a user id.
Thats why I blame Blizzard they are tech people they should be looking out for us. I don't
have an entire multibillon dollar company that has to fight internet crime daily they do and
it was a dumb idea to use email as user Id , they also got stupid about reall ID use on there
forums (just another poit) thank the omg they didn't do that.
Not to say you are stupid, but you did just point out that the problem lies on the users end. A poor choice by blizzard, sure, but still ultimately the responsibility of the user.
Having an email as a user ID guarentees a unique login name that is specific and memorable to each user. There are some benefits, but users have to have at least some level of responsibility to be involved with it.
Blizzard isn't selling your email address to account thieves so they an send you phishing emails. Phishing emails are being sent to any email hackers find on gaming sites, blogs, reviews, etc. That is why so many people are getting phishing emails to email accounts that have no ties to blizzard or other games.
I don't recall Blizzard alerting me that my email address was going to be my login name. I simply signed up for a chance at SC2 Beta, and they went ahead and assigned my email address as the account login. Thats their f-up. Not mine.
I've never had a game account hacked before. But Bliz found a way to make it happen. I agree with the OP. You kids yelling 'idiot' will eventually find out the hard way that it can happen to you too.
The way NCsoft avoids this problem is by giving you a NCsoft email address as your login, rather than just using your main email. When NCsoft is out thinking your company, you know you're a major league f-up.
Simply knowing your email address will not let someone steal your account.
As for getting hacked, it sure can happen to anyone at any time, but when it happens to me I won't run around blaming someone else. Perhaps its just me. If you didn't pay attention when you set up a battle.net account maybe the f-up isn't on their end? Just saying.
Comments
I seriously doubt anyone is trying to brute force attack accounts of an mmo. It would take so many attempts spread over an extremely long period of time (can only attempt to log in at the speed of the launcher) just to get 1 account it isn't realisitic. It is also unrealistic to assume that a company wouldn't have some account lockout system in place to handles accounts tha exceed hundreds of thousands of failed login attempts.
Also, a strong password is meaningless to a keylogger or trojan. Computers could care less if a word is real or a scrambled sequence of letters and numbers.
Sooo, you were hacked before , well before they gave up email addy's as log ins. Now you get hacked again and it is their fault. Seems like you would get hacked no matter what happens. Ive been playing since beta ... never been hacked, fiance hasn't either. Maybe we are just lucky but I believe alot of it has to do with protecting ourselves and doing the smart thing. Most people "think" they do the right things. Most people "think" they have not compromised their accounts, when they have. And most people will "never" tell you they screwed up and will blame their problems on someone else.
I agree completely. I was only responding to the first person who said that they "must" have clicked on an email and that they are a complete idiot. While it is likely something on the users end, not everyone that plays WoW is an IT security expert. There are also others ways. I agree even in my own case that it was likely some variant of my password that I used somewhere else. I just hate the typical "you are an idiot and clicked the linx noob" mentality. Sometimes I forget that posters here can be very young. I used to defend this site and its forums and suggest that there was good conversation. I guess I should add the caveat that it is as long as you avoid the WoW portions of the conversation which is an over generalization on my part of course.
Wa min God! Se æx on min heafod is!
I just find it funny how in a day i wasn't getting no fake mails from blizzard to another where i have registered a account at blizzard... makes me wonder... are they selling their customers e-mails to these scammers to increase profit somehow ?well... i don't know, but same thing happened after i created a aion account... after it was done.... in less then a week i started get more fake emails.... wonderful...
ffs authenticators are essentially free.
People don't get hacked. Stop using the word "hacked" in cases like these.
Either people get scammed from buying an account, they gave their password out to friends/family or they have clicked on a link/downloaded a keylogger.
And this is true for any system that uses a username and password. The thing is being smart about choosing your password. The longer your password, the more different characters and symbols you use will greatly increase the strength of your password.
You can actually reach a point with your password where it would take a brute force hack many years to break through.
As far as the reason behind using emails for username within battle.net it was actually a fairly smart move. You would be greatly suprised by the number of MMO players that forget there username. A VAST majority of CSR calls involve someone that has lost there username or in most cases username(s). Using a email address vastly cuts down on it since most people do not forget there email address.
Also you can call Blizzards CSR number and get your email address changed on your account. You are going to need a fair amount of personal information in order to do so, but it is something that can be done.
As far as there phones always being busy.. You have to take into account there are only a limited number of CSRs. Since I have personally worked at the same call center that does Blizzards Phone support, I can say the number of people are indeed limited. Last numbers I had was around the 200-250 active phone CSRs at the Call Center I worked at. The number does change all the time so it could be more or less. Average phone call is going to run around 15-30mins depending on the issue and if the customer has all the information needed to verify they are who they are. When you take that into account and factor in that there are over 4 million NA customers (World of Warcraft Subscriptions) and over a Million SC2 accounts. Thats alot of potential calls.
You might be asking why doesn't Blizzard just hire in more CSRs. Have you looked at there website? They have been for the last 4 years. But being a CSR takes a very special type of persona and not everyone can deal with handling 20+ angry people in a 10 hour stretch of time. I've seen many people come and go in the call center industry and more people tend to go then come in. Average turn around on a call center CSR is generally a 1 year period. If they make it past that 1 year mark you generally have someone that can hang in for the long hall. It generally takes a month of training to get a new CSR upto speed with the tools and procedures that the call center uses. Then about 2 weeks of on the floor training followed by monitoring for atleast another month before they are fully let loose.
People tend to think being a call center employee is a great job. Setting in a cube all day playing on the computer, ect. Well it's anything but that. Imagine having someone endlessly yelling at you to fix there problem for 10 hours straight. Sometimes you get that nice person on the other end of the line but its generally very rare and they always want YOU to fix there problem even if its something you can not personally fix.
This thread is making my eyes bleed. I can't comprehend what half of you are trying to say.
Oh yes, because Blizzard a company that makes more pure profit then most other wants to make even more money by increasing the work they have to do? That makes a whole lot of sense doesnt it!
I mean just for a second think about it. How much do you think they would make off of selling there customers accounts to scammers? Now think about how much money they have to sink into fixing each account of there customers.. To fix a customers account in World of Warcraft is going to cost them atleast $30 a character. You going to have the customer deal with a entry level CSR thats getting paid $9-$12/hour and its going to use up atleast 30 mins of there time. Then you will have to have a higher up CSR look into the account to make sure it was a legitiment hack / issue. Thats going to take atleast another 30 mins from someone making $12- $14/hour. Then they have to go in an start the restore process and then followup to make sure it was done correctly. Another 30 mins of someones time.
Then there is always someone higher up that checks all the restore logs to make sure the CSR's are not abusing there powers.
Yeah I can really see ther being a huge business there selling accounts out to scammers. I highly doubt that account security is anything but a profit area for Blizzard. If anything I bet they spend out millions a month dealing with account security. Thats millions they could be making instead of spending.
Blizzard isnt the only game company that uses this style of accounts they are copying a system that is known to work. Turbine, Sony, and NCsoft use a master account system to connect multiple games to 1 accoun. if you want to get technical Sony is the first company to do use this style. so its not a fail if you use a difficult password. its only fail if you use the same password for every internet account you use. for me every account i make has a uniquie password for it. Also install a virus scanner and spy war scanner and have them run atleast once a day.
"Possibly we humans can exist without actually having to fight. But many of us have chosen to fight. For what reason? To protect something? Protect what? Ourselves? The future? If we kill people to protect ourselves and this future, then what sort of future is it, and what will we have become? There is no future for those who have died. And what of those who did the killing? Is happiness to be found in a future that is grasped with blood stained hands? Is that the truth?"
rofl that defeats the purpose, which is to make sure you can get access to your account if you forget your password, this ensures you don't also forget what email it will be sent to.
You should also have the option to have it remember your password like websites do, the less info you type into a keyboard on your PC the safer you are.
You sent all of your account info to the fake blizzard imposter and blizzard is the dumb ones?
Yeah, but the other company's don't use your email as the user id. The problem is if you
do get stupid and didn't change your email to a special gaming email . Now your constantly
getting phishing emails. Emails are attatched to accounts just fine with joe bloe as user ID
I've still not seen anyone say why its a good Idea to have an email as a user id.
Thats why I blame Blizzard they are tech people they should be looking out for us. I don't
have an entire multibillon dollar company that has to fight internet crime daily they do and
it was a dumb idea to use email as user Id , they also got stupid about reall ID use on there
forums (just another poit) thank the omg they didn't do that.
because your more likely to remember an email than a username. it took me a solid month to try to remember the user name and password to my AIM Account when i tried to think of the email it was attached to i was able to get everything back.
"Possibly we humans can exist without actually having to fight. But many of us have chosen to fight. For what reason? To protect something? Protect what? Ourselves? The future? If we kill people to protect ourselves and this future, then what sort of future is it, and what will we have become? There is no future for those who have died. And what of those who did the killing? Is happiness to be found in a future that is grasped with blood stained hands? Is that the truth?"
That can happen. I've done but now I just write what I choose on the game box , book or disk case. Also until now
I just had one email.
Not to say you are stupid, but you did just point out that the problem lies on the users end. A poor choice by blizzard, sure, but still ultimately the responsibility of the user.
Having an email as a user ID guarentees a unique login name that is specific and memorable to each user. There are some benefits, but users have to have at least some level of responsibility to be involved with it.
Blizzard isn't selling your email address to account thieves so they an send you phishing emails. Phishing emails are being sent to any email hackers find on gaming sites, blogs, reviews, etc. That is why so many people are getting phishing emails to email accounts that have no ties to blizzard or other games.
I don't recall Blizzard alerting me that my email address was going to be my login name. I simply signed up for a chance at SC2 Beta, and they went ahead and assigned my email address as the account login. Thats their f-up. Not mine.
I've never had a game account hacked before. But Bliz found a way to make it happen. I agree with the OP. You kids yelling 'idiot' will eventually find out the hard way that it can happen to you too.
The way NCsoft avoids this problem is by giving you a NCsoft email address as your login, rather than just using your main email. When NCsoft is out thinking your company, you know you're a major league f-up.
Simply knowing your email address will not let someone steal your account.
As for getting hacked, it sure can happen to anyone at any time, but when it happens to me I won't run around blaming someone else. Perhaps its just me. If you didn't pay attention when you set up a battle.net account maybe the f-up isn't on their end? Just saying.