Yeah, I’m just saying that I don’t know that the authenticator app has to be on the phone (physical item) that the number is attached to.
I’ve noticed this has gone unanswered, so allow me.
SMS: Phone number can be cloned and the text intercepted before you’re able to use it. This isn’t common, but if made standard for Blizzard accounts, then the people who compromise accounts will use it much more often.
Email: Can be hacked. This happens much more often and is fairly standard in Blizzard account compromises. Oftentimes, the hacker will delete and purge the emails once they’ve used them, so the victim has no idea they’ve been compromised until they can no longer access their account.
The reason your bank and credit card don’t recognize that basically boils down to the fact that they serve a wider audience than Blizzard does. For the most part, the technophobes will use bank services in person or by phone, but there a larger number of folks who do use tech, but older than most apps support–whether by choice, or because it’s all they can afford, whichever.
Banks and credit cards have to remain accessible to all, because they’re vital; therefore, they’re not going to alienate the folks with older hardware. That’s why, even though a physical key fob or phone app authenticator is more secure, they have the less secure options. It’s not that those institutions think those alternatives are just as secure–they just have to stay accessible to the average user.
Blizzard, however, is a videogame company, nowhere near essential. They can afford to lose the folks who aren’t able to secure their accounts in the way the company requires.
10 Likes
I will second this. If you personally feel it’s secure (as you are, willingly, having your one-time-password sent to the very PC on which you will use it) then Bluestacks is an excellent option. Your risk: anyone who has access to your computer now has access to the 2FA key.
I have several 2FA programs on mine, and I feel I am secure because someone would need to break into my home and sit at my pc (or commandeer my PC remotely) in order for there to be an issue. I am personally 100% comfortable with this risk.
Takes any mobile device straight out of the loop. Also I can catch up on my HomeScapes when I am supposed to be working, without the obvious phone- or tablet-in-the-hand.
Good luck.
3 Likes
Ok, thanks for your thoughts on the safety of other MFA methods. Good points.
However, I argue that ANY MFA will be more secure than NO MFA. By me not owning an App compatible phone and Blizzard not offering a method I am able to utilize, my account is less secure than had Blizzard allowed other optional methods.
Just saying, it’s not perfect but wrap it in the Battlenet launcher. Get the stats from the device, IP address, etc., tie to a phone number. Then when logging in, receive a text, enter one-time code, and done. If the stats are consistent when logging in, no need to reauthenticate, just like with app. Not saying get rid of app and this for everyone, but to have something like this as an option is better than having nothing.
1 Like
That would not work as if your computer is compromised, then you would have the ones using your computer without your knowledge able to access your account because of that. It would defeat the purpose of 2FA which requires separate devices.
If you wish for those who could make such decisions to see your suggestion though, you would need to post in the General Discussion Forum, which you state you have already done. Posting in this forum will do no good as the Blizzard employees who post here are NOT liaison to those who can make and implement such decisions.
If you choose to unsub as you have threatened, then so be it. That is on you if you do not wish to meet the requirements to use a specific feature added to the game. You still have access to the LFG/LFR but cannot make custom titles for said feature. That would be a silly reason to unsub for.
1 Like
Not sure you understood what I meant… Who is going to be using my computer to run WoW remotely without me somehow knowing?? That’s just ludicrous.
Yet, it happens. If they compromise your computer, and copy your install to one they control, then they would be able to authenticate on their install.
As noted in the other thread, any feedback/suggestions should be directed to the appropriate forum.
2 Likes