Send News. Want a reply? Read this. More in the FAQ.   News Forum - All Forums - Mobile - PDA - RSS Headlines  RSS Headlines   Twitter  Twitter
Customize
User Settings
Styles:
LAN Parties
Upcoming one-time events:
Greenbelt, MD 08/22

Regularly scheduled events

Report this Comment
Use this form to report the selected comment to the moderators. Reporting should generally be used only if the comment breaks forum rules.

9. Re: WoW Security Warning Jun 25, 2013, 16:38 PropheT
 
m00t wrote on Jun 25, 2013, 12:42:
What I don't know for sure is if the cookie is tied to a specific machine, made non-transferable by some technical method. (overcome if you use a custom login program because you just lie, but prevents it from being copied and used with the normal launcher)

My understanding is that it keeps an encrypted cookie (if that's the right term here I guess) locally stored to the machine, but the system still requires IP range verification in order to region lock the account. Even with the cookie stored locally the account still requires authentication if you move outside of the network range where you originally set the check file, so if you live in NY and someone tries to access your account from Oregon, for example, it doesn't matter if that cookie is there or not; it forces authentication for the account to confirm ownership.

Blizzard still denies that people with authenticators are getting accounts compromised, and just by the way the tool works it's hard to see how they're wrong. The only way I can see it not being secure is if you use the mobile auth on a jailbroken/non-rooted phone.
 
 
Subject
  
Optional
Message
 
Login Email   Password Remember Me
If you don't already have a Blue's News user account, you can sign up here.
Forgotten your password? Click here.
 




footer

Blue's News logo