Blizzard Hack: A Security Guide For Battle.net Users - taylorwashound

If you play PC games from Snowstorm Amusement such as Diablo III and World of Warcraft you involve to review your account security American Samoa before long as you can.

Blizzard has confirmed a security falling out compromised a astronomic amount of user business relationship data for Engagement.net gamers. Blizzard is warning players connected Northwest American servers (including players from North US, Romance America, Australia, New Zealand, and Southeast Asia) that hackers have nabbed user e-mail addresses, answers to security system questions, a database of "cryptographically disorganised" passwords, and As sensitive data related to dial-in and smartphone app-supported two-factor authentication.

[RELATED: Apple and Amazon Hacks: How to Understate Your Risk]

Blizzard says the stolen information alone isn't enough to wisecrack into accounts. The scrambled passwords, for example, were protected by the Secure Remote Password (SRP) communications protocol, a key-based authentication system. The company says anyone trying to crack the passwords would have to decipher the passcodes one aside one.

Nevertheless, Battle.net gamers are organism advised to change their passwords, too as take a number of strange security system measures. If you're a Combat.net gamer, here's what you need to know nigh securing your account and what to expect from Blizzard in the coming years.

Change Your Password

Snowstorm is recommending that all Conflict.net users change their account passwords.

You can do that by clicking here. Or, log into Battle.net and click on the "Account" link at the top of the page. On the next Page click "Settings" and pick out "Change Password" from the drop-down fare.

Expect a Security Question Change

Blizzard does not yet have a chemical mechanism in place to let you change your security question, a measure for account recovery and personal identity verification, which is a real bummer considering hackers have your answers. Merely the company says it is working to create a feature article that will let you change your question through and through the account management place. In one case the new measure is active, you will be automatically prompted to change your security question.

Blizzard said it didn't immediately revoke users' protection questions because it believes "retention the secret questions and answers in place still provides a level of security against unauthorized users World Health Organization preceptor't have access to the compromised data." The problem, withal, is that some bad guys do have access to your security interview answers. Colour me unimpressed.

Two-Factor Authentication App Update Collect

It's non clear what tolerant of information was stolen, but sensitive data relating to Blizzard's free two-factor authentication smartphone app, Conflict.net Mobile Authenticator, was also compromised. Blizzard says the information "could potentially via media the unity of North American Mobile Authenticators." Blizzard likewise says hashed phone numbers were compromised for users of Dial-in Authenticator, a service that is no longer available to new users.

Mobile Authenticator users should be on the lookout for an update to the mobile app. It's non clear whether Blizzard has any plans to deal with compromised data for dial-in authentication users.

Enable Two-Factor Authentication (One of these days)

Yes, potentially negative information was stolen for Blizzard's two-factor authentication organization, but in the long haul it's relieve more secure to habit a two-cistron log-in system. By victimisation two-factor in authentication you are creating one more hurdle for hackers to get past, and most of the time this testament make it much harder to compromise your account. But users power be knowing wait to enable this feature until Blizzard releases its software update.

Blizzard offers Battle.net users two-factor authentication through a $6.50 keychain attachment that supplies a log-in inscribe or the Wandering Authenticator app. You potty purchase the physical authenticator instantly from Rash. Engagement.net Mobile Authenticator is available for iOS, Android, Windows Phone 7, and BlackBerry.

Consider SMS Protect

Blizzard offers another security option known as SMS Protect that will send a text to your mobile phone if suspicious calculate activity is detected surgery any evidential changes are made much as password changes. You can also exercise SMS Protect to unlock your Battle.net account, remove an authenticator, find your account name, and reset your word.

Recap Your Email Security measur

The recent hack that tore apart the digital aliveness of Bugged reporter Mat Honan reminds us that compromised accounts can often snowball across connected services. So you should brushup the security surrounding the e-mail address for your Battle.net account.

First, you should make sure the word for your e-mail service address isn't the same atomic number 3 your Conflict.net password. If it is, you should change it immediately. For password origination tips delay out "Password Management: Idiot-Validation Tips" and "Google Offers Advice on Secure Passwords." A password manager such as KeePass, LastPass, or 1Password can also deliver you if you block your new e-chain mail password.

Second, you should agree to consider that your e-mail account's recovery options are dormy to date, including any security questions and alternate electronic mail addresses. Honan lost manipulate of his digital life after hackers were able to access the game-up e-send address for his Gmail account. Hackers already know the e-ring mail address connected to your Battle.net account, so comprise wary of attempts to break into your e-mail via account convalescence options.

Finally, if your e-mail provider offers it, you should too enable two-factor authentication for added trade protection.

Look out For Phishing Electronic mail

Blizzard is advising its users to watch extinct for e-mail purporting to come from Blizzard in an attempt to steal your account certificate. Blizzard says it will never ask for your password operating theatre log up-in information via e-chain armour.

Connect with Ian Paul (@ianpaul) on Twitter and Google+, and with Today@PCWorld on Twitter for the latest technical school intelligence and analysis.

Source: https://www.pcworld.com/article/460573/blizzard_hack_a_security_guide_for_battle_net_users.html

Posted by: taylorwashound.blogspot.com