Tag Archives: Blizzard Authenticator

WoW Classic Instance Limit Changes and Extra Bag Slots

In WoW Classic things seem on track for the start of the Ahn’Qiraj events on July 27th, which I mentioned last week.  This past week saw a couple of smaller changes to the game.

Classic is as classic does

Previously Blizzard announced that they would limit the number of instances an account could enter per realm in a 24 hour period to 30.  This was part of their ongoing war on botting in WoW Classic.

However, in a hot fix patch they changed that from an account wide limit to a per character limit.

The newer limit of 30 instances in a 24-hour period is an extension of the 5 instances per hour limit, which was tracked per-realm since it was first implemented in 2005. The intention behind both of these restrictions is to reduce the profits for new bots when they first come online and haven’t been removed yet. We’ve concluded that a per-character limit will be just as effective, while being less restrictive to legitimate players who have multiple characters on the same realm.

In addition, the previously promised extra bag space for accounts using the Blizzard Authenticator arrived this past week.  If you have that setup your default sixteen slot bag is now a twenty slot bag.  Blizzard explains their reasoning:

We recognize this is a notable change from original WoW. Account security is very important to us, and we want the reward for securing your account to apply to WoW Classic, as it has applied to World of Warcraft for many years.

While this is a variation from vanilla WoW, I am happy enough to have four more bag slots.  It doesn’t change the overall experience but it does make my hunter a little bit happier.

now 20 slots

This didn’t mean much when it his retail WoW, as I have had access to pretty much unlimited 30-slot bags since Warlords of Draenor.  But when you are down a bag due to having a quiver or ammo pouch and you still remember that ONE time you got a 16-slot bag drop back in vanilla, those four slots make life a little bit better.

Authenticators… Are They Still a Thing?

In which I demonstrate I am clearly running out of things to write about.

There was a point in time, a few years back, when account authenticators were very much a thing.  Back when WoW accounts seemed to be getting hacked almost constantly and people were even phishing for EverQuest II account data, authenticators were news.  I, my daughter, and my mother all have authenticator fobs for our respective WoW accounts.

How many times have I used this shot?

How many times have I used this shot?

I also have an authenticator fobs for SOE games, although I stopped using it.  Blizzard managed to streamline the authenticator process, requiring it only weekly so long as my IP address/login computer doesn’t change.  SOE’s “append your token to the end of your password” method, which was always a bit awkward, is also resistant to any streamlining.  (And they show a freakin’ SOE mini-splash screen for two seconds when you hit the button? WTF?)  So I decided a long password would suffice for them  Plus, who steals SOE accounts these days?  Is there any money in that?

Other companies offered them as well.  Square Enix had them for their Final Fantasy XI and Final Fantasy XIV MMOs.  EA offered up an authenticator fob for Star Wars: The Old Republic as part of the collector’s edition.

The key item for me

Look, a fob!

If I recall right, CCP even gave out an authenticator fob, or at least talked about one, for EVE Online at FanFest a couple years back, though they have not to my knowledge, implemented multi-factor authentication with it so far… which seems odd, given the meta game there.

All of these are branded versions of the VASCO Digipass Go 6 device.  The trend seemed to be to go that route, no doubt because VASCO has a package that made integration manageable and ability to supply a company like Blizzard, which has millions of customer accounts.  This also allowed companies to go with a “mobile authenticator” option, giving players access to authenticator functionality on their smart phones.   Some companies, such as Trion, have opted to go solely with such an options.  Others, like SOE, only have the authenticator fob option, but promise to get smart phone functionality in the near future.  (But not soon.  We know what SOE means when they say “Soon™”.)

Not that the SOE approach bothers me.  I do not actually own a smart phone, and while I have an iPad, it tends to be a device I only use when away from my computer.  So the authenticator fob works out well for me.  It is a small, single purpose device that sits right where I need it, next to my keyboard.

But, aside from SOE and Blizzard, not many companies seem to be pursuing the who authenticator fob idea.  Square Enix was perpetually out of st0ck on fobs, while I am not even sure you could buy one independently from EA.  And even Blizzard seems to go hot and cold on the idea.  For a while they were giving them away if you knew where to look, while at other times they haven’t been available for love or money.  That was most recently the case when they split the Blizzard Store into the Battle.net Shop and the Gear Store. (Hint: It is in the Gear Store.)

Then again, WoW is the only game where accounts getting hacked seemed to reach epidemic proportions, with nearly everybody in our little guild who didn’t have an authenticator having their account hacked or otherwise compromised at one point a couple of years back.  So I am not sure I really need to bother with an authenticator for other games.  Somebody tried to access my GuildWars 2 account last month… I got three email messages that were in response to a request for a password reset… but there isn’t anything there to steal.  I am not sure I would even notice if somebody got in and did something.  But I changed the password on that email account ahead of schedule, just in case.

So where do people stand on the whole authenticator thing these days?  I wouldn’t remove mine from my WoW account given past history, and I might like the option for EVE Online, given its meta-game tone.  But I feel comfortable enough with decent, unique passwords on other accounts.

How about you and authenticators, fob or mobile based?

WoW Account Hacked… Officially No Longer News

I know maybe 20 people who both play World of Warcraft and who would bother to let me know if their account had been hacked.

And 20 might be stretching it.  A dozen might be closer to the mark.

But let’s call it 20, because I know it is more than 10 and 20 is a nice round number.

And as of this week, five of them have had their accounts hacked.

I received an email from a friend with this screen shot attached.

Account Disabled

That was Tuesday.

I figured that it was maintenance day, maybe that was the cause.  Strange things happen on Tuesdays.

After all, this friend of mine works in a security conscious industry, uses strong passwords, and plays WoW on a Mac.  An unlikely candidate for this sort of thing, right?

But no.  After getting in touch with Blizzard support, it turned out that his account had been hacked.

The usual routine.  Characters stripped or deleted.  I didn’t ask if there was a guild bank involved.

He now has the Blizzard Authenticator app on his iPhone, so he is better protected.  There shouldn’t be a “next time” in any case.

But having something like 25% of the people you play WoW with get their accounts hacked moves this sort of thing from a rare and tragic event to something akin to, say, losing a cell phone.  It is inconvenient, but it happens all the time.  It ceases to be newsworthy.

I would like to know how so many accounts get hacked.  That would be worthy of a post.

WoW Account Hacked – This Just Keeps Happening

Another friend and member of our guild who had been out of WoW for a while just went back to re-up to play with a friend, and was greeted by this:


Somebody got his account information, somehow, and then used the account in such a way as to get it banned.

Unlike the last guild member who got hacked, this time the guild vault did not get looted.  Instead, it seems that they just used the account as a gold selling mule for a while… his characters were probably spamming gold seller URLs in chat for a while… until Blizzard turned off the switch on the account.

After an hour on hold, the Blizzard rep began the process of restoring the account.  The rep told my friend more than once that Blizzard is getting very good at restoring people’s accounts after such an event.  No doubt they get a lot of practice.

And my friend now has the phone version of the Blizzard Authenticator set up.

Another tale to remind people that, yes, this might happen to you.