Good news everyone ! New Automated Account Recovery System!
 

Just come out for us.battle.net

Not sure if you European chaps have it yet

http://wow.joystiq.com/2010/09/22/bl...for-hacked-ac/
http://forums.worldofwarcraft.com/th...Id=26859148968

As a lot of you know when you get hacked one of the things that make the whole experience distressing is getting through to someone to reset your password and start the whole recovery process. Yes they've improved things over the years yet the fact remains that if you do see someone on your account it often doesn't matter how quickly you get through to someone on the phone or via a ticket - the damage is done within minutes :(

Now no longer. Blizzard have made an automated recovery system. Using this system you can get in quickly and lock your account down. A reset password email is sent out and a ticket is automatically generated.

https://us.battle.net/account/suppor...-computer.html

Is the URL to bookmark.

Now in the interests of science I had a little play with it. My account has not been hacked btw. Here's how I went :

Page 1

Very large prominent disclaimers on making sure you have scanned your computer for every possible keylogger , tips on keeping your account secure , recommendation for getting a authenticator etc etc

Big Orange box with a checkbox that won't alllow you to go any further without making doubly down sure you're secured your end. "Is this computer secure? - During the next steps in the account recovery process, you will be providing us with detailed personal information to verify your identity. Thus, it is extremely important that your computer is secure before proceeding."

Very nice , very clear

Page 2

Asks you for your Battle.net email , First name and Last name. Gentlemen this is why you don't do account trading. Or account buying.

Page 3

Gives you a choice between answering your secret question or putting in the serial number off your CD Case thingy. You know the number that was on the front

Page 4

It's either this page or the page before where it recommends changing your email password as well. Or it could of been about changing your battle.net email. Either way another recommendation to change your email password as it could be compromised is very very nice.

Last Page.

Tells you exactly what's going to happen and what time frames to expect. Very nice.

Also has a few very detailed paragraphs on account security and how to follow everything up. By the end of all this your account is locked with an email sent for a password recovery. A ticket for the recovery of your items is also put in the queue and you get a ticket number for it.

I like how you get the ticket number right in the email to you. It means the rep you get on the phone can locate your recovery request. It could also mean in the future Blizzard may consider changing the automated phone system to add an option to put that in .... and automatically be forwarded to the spe******t involved with your case...or automatically read out a status report on your ticket.

Seriously putting the ticket number in on the email is awesome. I would love a system where you ring up , put in your ticket number and get an automated update on your recovery. Something like someone going "Your support ticket has been assigned to ______ They can see x items to recover. Recover has been in process for x days with an estimated y days left for z items. If your still wanting to talk to an operator please stay on the line now. if you get a message to say all lines are busy please redial until you get in the Queue. Have a nice day !"

*ponders on putting in a suggestion for above*

Here's my thread on my experiences :

http://forums.worldofwarcraft.com/th...741312&sid=1#8

PS Yes I've deleted my ticket out of the queue. And my account is unlocked now. The whole process was very fast and all happened in minutes. Yes you can now lock your account down in minutes assuming you've cleaned your computer out and your email has not been compromised

Thanks for posting this! Just spread the word on my guild forum, we've had several people get hacked recently.

:D And thanks for doing the 'Oooo, shiny button, must press' bit so I don't need to.

Wish people would quit saying that they "were hacked".

Their accounts weren't hacked. They were just stupid.

Glad to see Blizzard making it easier for stupid people to get their accounts back - hopefully make them smarter.

That's a tiny bit arrogant of you isn't it ?

Blaming the victim for the crime isn't it ? Like saying there's no burglary or robbery in the world today - clearly the victims asked for it by having a particular brand of lock on their door! Genius !

Tell me have you ever been hacked ? Known people that have been hacked ?

I do know people that have been hacked. I know people with extremely stringent security measures that have been hacked. I know people hired by the NSA and CIA that have been hacked. These are people that get paid to specialize in computer security. None of them were necessarily hacked for being stupid.

Sometimes its just simply having the bad luck on being lax in some aspect of their security. It doesn't make you stupid it merely means having bad luck.

Also there is no security system in the world that is 100% hacker proof. You can't guard against Zero day exploits. It is flawed reasoning to say everyone who gets hacked is stupid.

This is just plain ignorance. Plain and simple. I was [s]hacked[/s] compromised. It ended up being a hack embedded in the flash of a popular WoW information site where people go to get information about quests and items. No virus, no buying gold, to selling/buying accounts, no clicking on spam emails from nefarious sources pretending to be Blizzard.

Sure, I didn't have an authenticator at the time - but excuse me if I was pissed because the last authenticator I purchased died in 6 months and Blizzard said "so sorry, buy another one". OF course I have one now tied to my phone.

I don't expect you to understand - until you yourself get hacked - but it is NOT as cut and dried as you suggest.

Don't be so quick to judge, you may be next.

In the world of languages, words change. It is a fact. While it is true that the vast majority of account compromises are not actually hacked and and the login information was learned via some phishing method, the term "hacked" is a nice quick simple term that people use to identify what happened. And it is not going away.

There are thousands of words in the English language alone that are not used today in the context of their original meaning. Take the word "decimate" - this word meant to "reduce by one of ten" and came from the practice of a punishment in the roman armies where if a unit did not perform they would kill one solider in ten as negative reinforcement. Today, we use the word to indicate that something has been utterly destroyed.

If someone says "My WoW account was hacked" and you know exactly what they meant, then the job of using language was successful in that communication occurred successfully.

OK - lemme put it this way.

Someone whose account is compromised for WoW, didn't happen because someone "hacked" Blizzard or Blizzard's databases. If someone were to have done that, there would be massive numbers (and when i say massive, I mean MASSIVE) of people reporting their accounts being "hacked". Not the trickle there is now.

To answer your questions - no, I've never been hacked. And I've never had a virus on my computers. Because I use my head. I know not to go to links from Blizzard-looking emails. I verify the site I'm going to is actually the site I'm wanting. I don't click on random links to the WoW Armory and enter in my credentials.

Being lax MEANS you're stupid. The definition of lax (not strict or severe; careless or negligent:) shows that you're lazy, inattentive, not caring.

People using the same password everywhere. Going to random links, seeing a battle.net-looking login screen and entering in their credentials. People falling for fake emails, where just a cursory bit of attentiveness easy show they are fake, etc = stupidity.

I'm sorry if you don't agree, but it is.

Do people deserve their accounts to be compromised? Of course not. But them shunting responsibility off on someone else, for their ignorance and lax-ness, is more wrong, than them doing whatever caused their credentials to get compromised to begin with.

That's fine - if you wish to continue doing the interpretation in your head, you can. I do it too. When they say "I was hacked" my brain translates it to "I was stupid, did something I shouldn't have done, but I refuse to admit any fault of my own - so I'll blame someone else and say "hacked"."

My interpretation is the correct one, and you know it.

I can quote things, too.

That would be hacking Blizzard's servers. Not someone's account.

These are not the only ways to have your account compromised. Read above for an example about flash ads and zero-day exploits.

I would say that those two words have different meanings... Not to mention that calling someone stupid on these forums goes against our rules: 1. Post with respect and courtesy. Debate is fine ... so long as when you disagree with someone, you respond in a civilized and constructive manner.

I am sorry for the way in which you see the world. Yes, I agree that some people simply do not think before risking their account. But to think that everyone who has their accounts compromised acts this way is just naive.

Just because you think your opinion is the only correct one, does not make it so. ;) That's a great lesson to learn and carry through life.

__________

Now. This thread is not about how people can get hacked or who gets blamed. It is about a new feature that enables you to lock your account quickly in the event that it gets compromised. I'm tempted to just delete everything here that's off-topic, but I hope that some people can learn something from the discussion.

Win :cool:

(extra stuff so the forum can let me post)

Nice little back pedal you got there. Yet this isn't what you said above. You said above "People don't get hacked they are just stupid"
And I trust your not lax in your security methods? Not even once ? You've never been hacked therefore your smarter then those other guys who do.

I haven't been hacked either. And I don't do any special security steps other then not giving out my password to silly whispers or going to funny sites from an email.

But this does not mean that maybe one day I might get hacked. I'm not arrogant enough to say they I won't get hacked. I'm only Human and I might slip up once.
Lax ≠ Stupid

The 2 definitions of the words having nothing to do with the other :

http://dictionary.reference.com/browse/lax
http://dictionary.reference.com/browse/stupid
This is also covered in detail on the form. Also in the security page they recommend you go to.

O.o

Not the response I was expecting, that's for sure. As Maul's post mentioned, I was using 'get hacked' as shorthand for 'have their accounts compromised in one fashion or another, which may or may not have been their fault'.

Still, this will be an excellent tool to help people who do lose access to their accounts, whatever the cause.

I'm glad they finally added this feature. I hope it helps people moreso than having to just open a ticket and such, and I'm sure the response time will be faster! Also, GM Ticket wait times should go down immensely!

There is a difference between being naive and being stupid, just as there is a difference between reasonable debate and being an arrogant know-it-all asshat who thinks they're smarter than the rest of the world. I'll leave it at that.

The feature is great and I look forward to my simple tickets being answered sooner because of it. My last one was for a couple of AH spammers who were flooding Strange Dust x1 for pages on end. Took 3 days before they got to it. :rolleyes:

*agrees*

+100 points in life lessons.

Congratulations! Your life lessons knowledge has increased to level 95!


:banana:

There really tends to be no sympathy for people who have their accounts compromised. One of the fella's from The Instance had is account compromised in the past - and he never got to the root of it either.

Having the authenticator is the key. Would not surprise me if one day that is not enough.

I apologize for getting so defensive in my previous post - but it really irks me when people ASSume you are an idiot - or naive - and those are the only two paths that can lead to account compromising. FLASH WAS HACKED - didn't last long, it got 100's of 1000's of people. My brother got hit - he turned off his authenticator for 1 day because he got a new phone, and was transferring the authenticator to the new one - BAM - compromised - same deal - no email clicky, no gold or account buying or selling - SIMPLY VISITING A WEBSITE. Did I mention this happened to more than a hundred thousand people? I might have ;)

Hacked, compromised, whatever - keep up the smugness and karma will come around and chop off your head, hold it in its hands, and laugh at you.

Troll away, I am finished.

Flarin, even an authenticator isn't enough. Several months ago, already, it was discovered that there were some man-in-the-middle style password stealing compromise methods in use. They could only get into your account in a single, approximately 30-second, timeframe, but once in they could do what they wanted.

They were running a keylogger with active communication, it detected WoW starting, recorded your username, password, and auth code, and immediately transmitted that to another computer that then logged into your account while the authenticator code was still "active". Having an authenticator is MORE secure, but is not completely secure.

Truly scary stuff - not so much for my in-game characters or whatever, just brings to light how dicey the net is for any personal data.

"While you are entitled to hold an uninformed opinion, you are not entitled to make stuff up and call it a valid argument."

I said that that was enough off-topic posting. :p

KK I'm sorry for starting "something" then.

Back on topic.

I gave this a go so you guys wouldn't have to. So please no playing around with this form just to see how it works.The poor overworked Blizzard peoples don't need to be going around deleting tickets :)

I have also not found anything about it being possible on eu.battle.net yet ... anyone found anything on them bringing it out for the European guys and gals ?