Originally Posted by Emythrel
Is it just me or does the "keep me logged in" check box seem somewhat out of place on a blizzard site, since they have such stringent security
|
Ahahahahahahahahaaha! You bought that? Blizzard has, by design, horrible security.
Lets say your password is PassWord123ZxX
ALL of the following will let you login to your wow account:
password123zxx
PASSWORD123ZXX
PassWord123ZxX
pASSwORD123zXx
PassWord123ZXX
PassWord123zxx
PassWord123Zxx
PassWord123zXX
but not
PASSword123ZXX
My nephew had an 12 character password using upper and lower case letters and numbers, but since all lowercase works, his account was easily hacked (his password was something in the pattern like BGBsMitH218g which would normally be reasonably secure).
His mistake was using the same email address (his only one) for battle.net and the various wow-related websites. I created an email account for him on my server that he could use *only* for battle.net, which will reduce the odds of his getting hacked, at least until blizzard spews his login ID to the entire server via their RealID evilness.