Thread Tools Display Modes
09-24-10, 01:29 AM   #1
Bluspacecow
Giver of walls of text :)
 
Bluspacecow's Avatar
AddOn Author - Click to view addons
Join Date: Dec 2006
Posts: 770
Good news everyone ! New Automated Account Recovery System!



Just come out for us.battle.net

Not sure if you European chaps have it yet

http://wow.joystiq.com/2010/09/22/bl...for-hacked-ac/
http://forums.worldofwarcraft.com/th...Id=26859148968

As a lot of you know when you get hacked one of the things that make the whole experience distressing is getting through to someone to reset your password and start the whole recovery process. Yes they've improved things over the years yet the fact remains that if you do see someone on your account it often doesn't matter how quickly you get through to someone on the phone or via a ticket - the damage is done within minutes

Now no longer. Blizzard have made an automated recovery system. Using this system you can get in quickly and lock your account down. A reset password email is sent out and a ticket is automatically generated.

https://us.battle.net/account/suppor...-computer.html

Is the URL to bookmark.

Now in the interests of science I had a little play with it. My account has not been hacked btw. Here's how I went :

Page 1

Very large prominent disclaimers on making sure you have scanned your computer for every possible keylogger , tips on keeping your account secure , recommendation for getting a authenticator etc etc

Big Orange box with a checkbox that won't alllow you to go any further without making doubly down sure you're secured your end. "Is this computer secure? - During the next steps in the account recovery process, you will be providing us with detailed personal information to verify your identity. Thus, it is extremely important that your computer is secure before proceeding."

Very nice , very clear

Page 2

Asks you for your Battle.net email , First name and Last name. Gentlemen this is why you don't do account trading. Or account buying.

Page 3

Gives you a choice between answering your secret question or putting in the serial number off your CD Case thingy. You know the number that was on the front

Page 4

It's either this page or the page before where it recommends changing your email password as well. Or it could of been about changing your battle.net email. Either way another recommendation to change your email password as it could be compromised is very very nice.

Last Page.

Tells you exactly what's going to happen and what time frames to expect. Very nice.

Also has a few very detailed paragraphs on account security and how to follow everything up. By the end of all this your account is locked with an email sent for a password recovery. A ticket for the recovery of your items is also put in the queue and you get a ticket number for it.

I like how you get the ticket number right in the email to you. It means the rep you get on the phone can locate your recovery request. It could also mean in the future Blizzard may consider changing the automated phone system to add an option to put that in .... and automatically be forwarded to the spe******t involved with your case...or automatically read out a status report on your ticket.

Seriously putting the ticket number in on the email is awesome. I would love a system where you ring up , put in your ticket number and get an automated update on your recovery. Something like someone going "Your support ticket has been assigned to ______ They can see x items to recover. Recover has been in process for x days with an estimated y days left for z items. If your still wanting to talk to an operator please stay on the line now. if you get a message to say all lines are busy please redial until you get in the Queue. Have a nice day !"

*ponders on putting in a suggestion for above*

Here's my thread on my experiences :

http://forums.worldofwarcraft.com/th...741312&sid=1#8

PS Yes I've deleted my ticket out of the queue. And my account is unlocked now. The whole process was very fast and all happened in minutes. Yes you can now lock your account down in minutes assuming you've cleaned your computer out and your email has not been compromised
__________________
tuba_man on Apple test labs : "I imagine a brushed-aluminum room with a floor made of keyboards, each one plugged into a different test box somewhere. Someone is tasked with tossing a box full of cats (all wearing turtlenecks) into this room. If none of the systems catch fire within 30 minutes, testing is complete. Someone else must remove the cats. All have iPods." (http://community.livejournal.com/tec...t/2018070.html)
  Reply With Quote
09-24-10, 04:17 AM   #2
Kallieen
Lady of Shadows
 
Kallieen's Avatar
AddOn Author - Click to view addons
Join Date: Dec 2006
Posts: 54
Thanks for posting this! Just spread the word on my guild forum, we've had several people get hacked recently.

And thanks for doing the 'Oooo, shiny button, must press' bit so I don't need to.
__________________
[SIGPIC][/SIGPIC]
  Reply With Quote
09-24-10, 05:07 AM   #3
Marthisdil
An Onyxian Warder
AddOn Author - Click to view addons
Join Date: Jan 2005
Posts: 363
Originally Posted by Kallieen View Post
Thanks for posting this! Just spread the word on my guild forum, we've had several people get hacked recently.

And thanks for doing the 'Oooo, shiny button, must press' bit so I don't need to.
Wish people would quit saying that they "were hacked".

Their accounts weren't hacked. They were just stupid.

Glad to see Blizzard making it easier for stupid people to get their accounts back - hopefully make them smarter.
__________________

Marth



  Reply With Quote
09-24-10, 05:34 AM   #4
Bluspacecow
Giver of walls of text :)
 
Bluspacecow's Avatar
AddOn Author - Click to view addons
Join Date: Dec 2006
Posts: 770
Originally Posted by Marthisdil View Post
Wish people would quit saying that they "were hacked".

Their accounts weren't hacked. They were just stupid.

Glad to see Blizzard making it easier for stupid people to get their accounts back - hopefully make them smarter.
That's a tiny bit arrogant of you isn't it ?

Blaming the victim for the crime isn't it ? Like saying there's no burglary or robbery in the world today - clearly the victims asked for it by having a particular brand of lock on their door! Genius !

Tell me have you ever been hacked ? Known people that have been hacked ?

I do know people that have been hacked. I know people with extremely stringent security measures that have been hacked. I know people hired by the NSA and CIA that have been hacked. These are people that get paid to specialize in computer security. None of them were necessarily hacked for being stupid.

Sometimes its just simply having the bad luck on being lax in some aspect of their security. It doesn't make you stupid it merely means having bad luck.

Also there is no security system in the world that is 100% hacker proof. You can't guard against Zero day exploits. It is flawed reasoning to say everyone who gets hacked is stupid.
__________________
tuba_man on Apple test labs : "I imagine a brushed-aluminum room with a floor made of keyboards, each one plugged into a different test box somewhere. Someone is tasked with tossing a box full of cats (all wearing turtlenecks) into this room. If none of the systems catch fire within 30 minutes, testing is complete. Someone else must remove the cats. All have iPods." (http://community.livejournal.com/tec...t/2018070.html)

Last edited by Bluspacecow : 09-24-10 at 05:54 AM.
  Reply With Quote
09-24-10, 07:09 AM   #5
Flarin
A Frostmaul Preserver
 
Flarin's Avatar
AddOn Author - Click to view addons
Join Date: Mar 2006
Posts: 290
Originally Posted by Marthisdil View Post
Wish people would quit saying that they "were hacked".

Their accounts weren't hacked. They were just stupid.

Glad to see Blizzard making it easier for stupid people to get their accounts back - hopefully make them smarter.
This is just plain ignorance. Plain and simple. I was [s]hacked[/s] compromised. It ended up being a hack embedded in the flash of a popular WoW information site where people go to get information about quests and items. No virus, no buying gold, to selling/buying accounts, no clicking on spam emails from nefarious sources pretending to be Blizzard.

Sure, I didn't have an authenticator at the time - but excuse me if I was pissed because the last authenticator I purchased died in 6 months and Blizzard said "so sorry, buy another one". OF course I have one now tied to my phone.

I don't expect you to understand - until you yourself get hacked - but it is NOT as cut and dried as you suggest.

Don't be so quick to judge, you may be next.
__________________

"I will crush and destroy and...ooo...shiny..."


Last edited by Flarin : 09-24-10 at 08:08 AM.
  Reply With Quote
09-24-10, 07:48 AM   #6
Maul
Ion Engines, Engage!
 
Maul's Avatar
AddOn Author - Click to view addons
Join Date: Mar 2005
Posts: 401
Originally Posted by Marthisdil View Post
Wish people would quit saying that they "were hacked".
In the world of languages, words change. It is a fact. While it is true that the vast majority of account compromises are not actually hacked and and the login information was learned via some phishing method, the term "hacked" is a nice quick simple term that people use to identify what happened. And it is not going away.

There are thousands of words in the English language alone that are not used today in the context of their original meaning. Take the word "decimate" - this word meant to "reduce by one of ten" and came from the practice of a punishment in the roman armies where if a unit did not perform they would kill one solider in ten as negative reinforcement. Today, we use the word to indicate that something has been utterly destroyed.

If someone says "My WoW account was hacked" and you know exactly what they meant, then the job of using language was successful in that communication occurred successfully.
__________________

Twitter: @IonMaul | Windows Live: [email protected] | Google Talk: [email protected]
  Reply With Quote
09-24-10, 08:20 AM   #7
Marthisdil
An Onyxian Warder
AddOn Author - Click to view addons
Join Date: Jan 2005
Posts: 363
Originally Posted by Bluspacecow View Post
That's a tiny bit arrogant of you isn't it ?

Blaming the victim for the crime isn't it ? Like saying there's no burglary or robbery in the world today - clearly the victims asked for it by having a particular brand of lock on their door! Genius !

Tell me have you ever been hacked ? Known people that have been hacked ?

I do know people that have been hacked. I know people with extremely stringent security measures that have been hacked. I know people hired by the NSA and CIA that have been hacked. These are people that get paid to specialize in computer security. None of them were necessarily hacked for being stupid.

Sometimes its just simply having the bad luck on being lax in some aspect of their security. It doesn't make you stupid it merely means having bad luck.

Also there is no security system in the world that is 100% hacker proof. You can't guard against Zero day exploits. It is flawed reasoning to say everyone who gets hacked is stupid.
OK - lemme put it this way.

Someone whose account is compromised for WoW, didn't happen because someone "hacked" Blizzard or Blizzard's databases. If someone were to have done that, there would be massive numbers (and when i say massive, I mean MASSIVE) of people reporting their accounts being "hacked". Not the trickle there is now.

To answer your questions - no, I've never been hacked. And I've never had a virus on my computers. Because I use my head. I know not to go to links from Blizzard-looking emails. I verify the site I'm going to is actually the site I'm wanting. I don't click on random links to the WoW Armory and enter in my credentials.

Sometimes its just simply having the bad luck on being lax in some aspect of their security. It doesn't make you stupid it merely means having bad luck
Being lax MEANS you're stupid. The definition of lax (not strict or severe; careless or negligent shows that you're lazy, inattentive, not caring.

People using the same password everywhere. Going to random links, seeing a battle.net-looking login screen and entering in their credentials. People falling for fake emails, where just a cursory bit of attentiveness easy show they are fake, etc = stupidity.

I'm sorry if you don't agree, but it is.

Do people deserve their accounts to be compromised? Of course not. But them shunting responsibility off on someone else, for their ignorance and lax-ness, is more wrong, than them doing whatever caused their credentials to get compromised to begin with.

If someone says "My WoW account was hacked" and you know exactly what they meant, then the job of using language was successful in that communication occurred successfully.
That's fine - if you wish to continue doing the interpretation in your head, you can. I do it too. When they say "I was hacked" my brain translates it to "I was stupid, did something I shouldn't have done, but I refuse to admit any fault of my own - so I'll blame someone else and say "hacked"."

My interpretation is the correct one, and you know it.
__________________

Marth



  Reply With Quote
09-24-10, 08:58 AM   #8
Seerah
Fishing Trainer
 
Seerah's Avatar
WoWInterface Super Mod
Featured
Join Date: Oct 2006
Posts: 10,860
I can quote things, too.

Originally Posted by Marthisdil View Post
Someone whose account is compromised for WoW, didn't happen because someone "hacked" Blizzard or Blizzard's databases. If someone were to have done that, there would be massive numbers (and when i say massive, I mean MASSIVE) of people reporting their accounts being "hacked". Not the trickle there is now.
That would be hacking Blizzard's servers. Not someone's account.

To answer your questions - no, I've never been hacked. And I've never had a virus on my computers. Because I use my head. I know not to go to links from Blizzard-looking emails. I verify the site I'm going to is actually the site I'm wanting. I don't click on random links to the WoW Armory and enter in my credentials.
These are not the only ways to have your account compromised. Read above for an example about flash ads and zero-day exploits.

Being lax MEANS you're stupid. The definition of lax (not strict or severe; careless or negligent shows that you're lazy, inattentive, not caring.

People using the same password everywhere. Going to random links, seeing a battle.net-looking login screen and entering in their credentials. People falling for fake emails, where just a cursory bit of attentiveness easy show they are fake, etc = stupidity.
I would say that those two words have different meanings... Not to mention that calling someone stupid on these forums goes against our rules: 1. Post with respect and courtesy. Debate is fine ... so long as when you disagree with someone, you respond in a civilized and constructive manner.

That's fine - if you wish to continue doing the interpretation in your head, you can. I do it too. When they say "I was hacked" my brain translates it to "I was stupid, did something I shouldn't have done, but I refuse to admit any fault of my own - so I'll blame someone else and say "hacked"."
I am sorry for the way in which you see the world. Yes, I agree that some people simply do not think before risking their account. But to think that everyone who has their accounts compromised acts this way is just naive.

My interpretation is the correct one, and you know it.
Just because you think your opinion is the only correct one, does not make it so. That's a great lesson to learn and carry through life.

__________

Now. This thread is not about how people can get hacked or who gets blamed. It is about a new feature that enables you to lock your account quickly in the event that it gets compromised. I'm tempted to just delete everything here that's off-topic, but I hope that some people can learn something from the discussion.
__________________
"You'd be surprised how many people violate this simple principle every day of their lives and try to fit square pegs into round holes, ignoring the clear reality that Things Are As They Are." -Benjamin Hoff, The Tao of Pooh

  Reply With Quote
09-24-10, 09:06 AM   #9
Maul
Ion Engines, Engage!
 
Maul's Avatar
AddOn Author - Click to view addons
Join Date: Mar 2005
Posts: 401
Originally Posted by Seerah View Post
Just because you think your opinion is the only correct one, does not make it so. That's a great lesson to learn and carry through life.
Win

(extra stuff so the forum can let me post)
__________________

Twitter: @IonMaul | Windows Live: [email protected] | Google Talk: [email protected]
  Reply With Quote
09-24-10, 09:08 AM   #10
Bluspacecow
Giver of walls of text :)
 
Bluspacecow's Avatar
AddOn Author - Click to view addons
Join Date: Dec 2006
Posts: 770
Originally Posted by Marthisdil View Post
Someone whose account is compromised for WoW, didn't happen because someone "hacked" Blizzard or Blizzard's databases. If someone were to have done that, there would be massive numbers (and when i say massive, I mean MASSIVE) of people reporting their accounts being "hacked". Not the trickle there is now.
Nice little back pedal you got there. Yet this isn't what you said above. You said above "People don't get hacked they are just stupid"
To answer your questions - no, I've never been hacked. And I've never had a virus on my computers. Because I use my head.
And I trust your not lax in your security methods? Not even once ? You've never been hacked therefore your smarter then those other guys who do.

I haven't been hacked either. And I don't do any special security steps other then not giving out my password to silly whispers or going to funny sites from an email.

But this does not mean that maybe one day I might get hacked. I'm not arrogant enough to say they I won't get hacked. I'm only Human and I might slip up once.
Being lax MEANS you're stupid. The definition of lax (not strict or severe; careless or negligent shows that you're lazy, inattentive, not caring.
Lax ≠ Stupid

The 2 definitions of the words having nothing to do with the other :

http://dictionary.reference.com/browse/lax
http://dictionary.reference.com/browse/stupid
People using the same password everywhere. Going to random links, seeing a battle.net-looking login screen and entering in their credentials. People falling for fake emails, where just a cursory bit of attentiveness easy show they are fake, etc = stupidity.
This is also covered in detail on the form. Also in the security page they recommend you go to.
__________________
tuba_man on Apple test labs : "I imagine a brushed-aluminum room with a floor made of keyboards, each one plugged into a different test box somewhere. Someone is tasked with tossing a box full of cats (all wearing turtlenecks) into this room. If none of the systems catch fire within 30 minutes, testing is complete. Someone else must remove the cats. All have iPods." (http://community.livejournal.com/tec...t/2018070.html)
  Reply With Quote
09-24-10, 09:28 AM   #11
Kallieen
Lady of Shadows
 
Kallieen's Avatar
AddOn Author - Click to view addons
Join Date: Dec 2006
Posts: 54
O.o

Not the response I was expecting, that's for sure. As Maul's post mentioned, I was using 'get hacked' as shorthand for 'have their accounts compromised in one fashion or another, which may or may not have been their fault'.

Still, this will be an excellent tool to help people who do lose access to their accounts, whatever the cause.
__________________
[SIGPIC][/SIGPIC]
  Reply With Quote
09-24-10, 10:21 AM   #12
Ferous
Sheer Sense of Doom
AddOn Author - Click to view addons
Join Date: Mar 2008
Posts: 863
I'm glad they finally added this feature. I hope it helps people moreso than having to just open a ticket and such, and I'm sure the response time will be faster! Also, GM Ticket wait times should go down immensely!
  Reply With Quote
09-24-10, 10:41 AM   #13
Sythalin
Curse staff
 
Sythalin's Avatar
AddOn Author - Click to view addons
Join Date: Aug 2006
Posts: 680
There is a difference between being naive and being stupid, just as there is a difference between reasonable debate and being an arrogant know-it-all asshat who thinks they're smarter than the rest of the world. I'll leave it at that.

The feature is great and I look forward to my simple tickets being answered sooner because of it. My last one was for a couple of AH spammers who were flooding Strange Dust x1 for pages on end. Took 3 days before they got to it.
  Reply With Quote
09-24-10, 11:01 AM   #14
Xruptor
A Flamescale Wyrmkin
 
Xruptor's Avatar
AddOn Author - Click to view addons
Join Date: Mar 2005
Posts: 133
Originally Posted by Seerah View Post
I can quote things, too.

Just because you think your opinion is the only correct one, does not make it so. That's a great lesson to learn and carry through life.
*agrees*

+100 points in life lessons.

Congratulations! Your life lessons knowledge has increased to level 95!


__________________
Click HERE for the ultimate idiot test.

if (sizeof(sadness) > sizeof(happiness)) { initDepression(); }
  Reply With Quote
09-24-10, 11:26 AM   #15
Flarin
A Frostmaul Preserver
 
Flarin's Avatar
AddOn Author - Click to view addons
Join Date: Mar 2006
Posts: 290
There really tends to be no sympathy for people who have their accounts compromised. One of the fella's from The Instance had is account compromised in the past - and he never got to the root of it either.

Having the authenticator is the key. Would not surprise me if one day that is not enough.

I apologize for getting so defensive in my previous post - but it really irks me when people ASSume you are an idiot - or naive - and those are the only two paths that can lead to account compromising. FLASH WAS HACKED - didn't last long, it got 100's of 1000's of people. My brother got hit - he turned off his authenticator for 1 day because he got a new phone, and was transferring the authenticator to the new one - BAM - compromised - same deal - no email clicky, no gold or account buying or selling - SIMPLY VISITING A WEBSITE. Did I mention this happened to more than a hundred thousand people? I might have

Hacked, compromised, whatever - keep up the smugness and karma will come around and chop off your head, hold it in its hands, and laugh at you.

Troll away, I am finished.
__________________

"I will crush and destroy and...ooo...shiny..."

  Reply With Quote
09-24-10, 11:42 AM   #16
Taryble
A Molten Giant
 
Taryble's Avatar
Join Date: Jan 2009
Posts: 811
Flarin, even an authenticator isn't enough. Several months ago, already, it was discovered that there were some man-in-the-middle style password stealing compromise methods in use. They could only get into your account in a single, approximately 30-second, timeframe, but once in they could do what they wanted.

They were running a keylogger with active communication, it detected WoW starting, recorded your username, password, and auth code, and immediately transmitted that to another computer that then logged into your account while the authenticator code was still "active". Having an authenticator is MORE secure, but is not completely secure.
__________________
-- Taryble
  Reply With Quote
09-24-10, 11:59 AM   #17
Flarin
A Frostmaul Preserver
 
Flarin's Avatar
AddOn Author - Click to view addons
Join Date: Mar 2006
Posts: 290
Originally Posted by Taryble View Post
Flarin, even an authenticator isn't enough. Several months ago, already, it was discovered that there were some man-in-the-middle style password stealing compromise methods in use. They could only get into your account in a single, approximately 30-second, timeframe, but once in they could do what they wanted.

They were running a keylogger with active communication, it detected WoW starting, recorded your username, password, and auth code, and immediately transmitted that to another computer that then logged into your account while the authenticator code was still "active". Having an authenticator is MORE secure, but is not completely secure.
Truly scary stuff - not so much for my in-game characters or whatever, just brings to light how dicey the net is for any personal data.
__________________

"I will crush and destroy and...ooo...shiny..."

  Reply With Quote
09-24-10, 02:02 PM   #18
Petrah
A Pyroguard Emberseer
 
Petrah's Avatar
AddOn Author - Click to view addons
Join Date: Jan 2008
Posts: 2,988
Originally Posted by Marthisdil View Post
My interpretation is the correct one, and you know it.
"While you are entitled to hold an uninformed opinion, you are not entitled to make stuff up and call it a valid argument."
__________________
♪~ ( ) I My Sonos!
AddOn Authors: If your addon spams the chat box with "Addon v8.3.4.5.3 now loaded!", please add an option to disable it!
  Reply With Quote
09-24-10, 04:21 PM   #19
Seerah
Fishing Trainer
 
Seerah's Avatar
WoWInterface Super Mod
Featured
Join Date: Oct 2006
Posts: 10,860
I said that that was enough off-topic posting.
__________________
"You'd be surprised how many people violate this simple principle every day of their lives and try to fit square pegs into round holes, ignoring the clear reality that Things Are As They Are." -Benjamin Hoff, The Tao of Pooh

  Reply With Quote
09-24-10, 06:47 PM   #20
Bluspacecow
Giver of walls of text :)
 
Bluspacecow's Avatar
AddOn Author - Click to view addons
Join Date: Dec 2006
Posts: 770
Originally Posted by Seerah View Post
I said that that was enough off-topic posting.
KK I'm sorry for starting "something" then.

Back on topic.

I gave this a go so you guys wouldn't have to. So please no playing around with this form just to see how it works.The poor overworked Blizzard peoples don't need to be going around deleting tickets

I have also not found anything about it being possible on eu.battle.net yet ... anyone found anything on them bringing it out for the European guys and gals ?
__________________
tuba_man on Apple test labs : "I imagine a brushed-aluminum room with a floor made of keyboards, each one plugged into a different test box somewhere. Someone is tasked with tossing a box full of cats (all wearing turtlenecks) into this room. If none of the systems catch fire within 30 minutes, testing is complete. Someone else must remove the cats. All have iPods." (http://community.livejournal.com/tec...t/2018070.html)

Last edited by Bluspacecow : 09-24-10 at 06:54 PM.
  Reply With Quote

WoWInterface » General Discussion » General WoW Chat » Good news everyone ! New Automated Account Recovery System!

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off