Diablo III Catch-All

Also weapon attack speed affects casting speed and here is Blizzard's lengthy discussion on spell damage and items. From those I suspect the +poison or +lightening would also affect spells as well as each item's damage.

This this beta definitely set in stone that I want this game. It's so simple but so addicting. I had the most fun with the Witch Doctor. I just loved entangling enemies then throwing jars of spiders at them doing AOE.

I agree completely multiplayer with Vargen that the layer of this game is really well done and had a blast playing co op. It was extra great because we were trading items with classes that needed them so we were always pretty well geared.

I got to play through all the classes until the skeleton king and here is my order from fave to least fave.

1.Witch Doctor
2.Monk
3.Wizard
4.Barbarian
5.Demon Hunter

LobsterMobster wrote:

So I guess what I'm asking is this: if I reclaim my account, what steps can I take to make sure I never need to deal with theft again, other than by using a really good password?

I've had similar issues but haven't had a single problem since adding an authenticator.

I have a Battle.net account but it's generated so much high-quality phishing spam I've more or less abandoned it. I'm pretty sure it was stolen in some sort of leak a while back, and I think I remedied that, but the gulf between "account notifications" and "fake account notifications" is so small I eventually just threw up my hands and abandoned the account, along with the Starcraft II game associated with it, and the Warcraft account that I played for 2 weeks and now has been repeatedly stolen by gold farmers because Blizzard told me they can't just close the damn thing for some reason.

So I guess what I'm asking is this: if I reclaim my account, what steps can I take to make sure I never need to deal with theft again, other than by using a really good password?

Also, anyone have a good way to determine if an e-mail is legit? I know all the basic stuff (see if they use my actual name or a generic "customer," see if the links actually point to the sites they claim, check e-mail addresses, etc.) This is really critical because if my account has been compromised, I want to know about it immediately. On the same note... I receive a truly ungodly amount of spam about my Battle.net account already. I do not want to have to play detective each time another one shows up.

So far the best way I've found to protect myself is to ignore the links in the e-mail entirely and log in through a site that I know is legit. The only problem with that is I've been unable to find a single place to look for account status.

I'm seriously considering just opening up a brand new Battle.net account for Diablo III.

LiquidMantis wrote:
LobsterMobster wrote:

So I guess what I'm asking is this: if I reclaim my account, what steps can I take to make sure I never need to deal with theft again, other than by using a really good password?

I've had similar issues but haven't had a single problem since adding an authenticator.

The authenticator is the USB thing you plug in, right?

LobsterMobster wrote:

The authenticator is the USB thing you plug in, right?

It's essentially an RSA random number generator that you add on to your password. You don't physically plug it into your computer like a dongle. You can also get a free app for your smartphone that does the same thing.

No. You can get a little key fob that shows a one-time password or you can install an app on a smartphone or tablet that does it.

Here's the key fob. Push the button and the screen displays the number:
IMAGE(http://us.blizzard.com/store/_images/product?productId=1100001471&type=3&loc=en-US)

I just use the app on my Android tablet but I work with a similar key fob product for client security.

[Edit] Shoptroll'ed!

I don't have a smart phone. Looks like they cost $6.50, but that's probably worth it to spare me the headache. I'm still not entirely sure how it works without a direct connection, though. If it's really random then how does Blizzard know which number is right? Does it use a seed?

LobsterMobster wrote:

Does it use a seed?

If it's anything like RSA's fobs, they're using a seed. (I think)

It's not random, it's synced to the authentication server and generated through proprietary algorithms. $6.50 is nothing. These cost my company $100 per user for hardware and license, although we aren't doing quite the bulk that Blizzard is I'm sure.

So far it's been a lot less of a hassle than I thought it would be. You have to use it everytime you log into www.battle.net but with Diablo 3 for example I only had to use it the first time. I guess it adds some sort of cookie or caches your computer's hardware signature because I didn't have to enter it again after that. It works more like the Steam computer verification so far.

Just got my account back. Looks like my WoW account got banned.

Neat!

Edit: Oh god dammit! There were two WoW accounts listed so I clicked the second one and it CREATED A NEW DAMN ACCOUNT.

Double posting is for phished noobs.

There's a serial number on the token, and you enter that into your account info. Once you do that, your token and your account are connected.

The way I understand how it works is, Blizzard has a server whose sole purpose is to spit out these numbers. It then uses your serial number to create the one-time password, which your token also generates. Because the serial number on your token is the same one that Blizzard has, they both always generate the same password. When they match, you can log on.

They create new passwords every thirty seconds or so, and each password is valid for a minute, I believe. This doesn't make you immune to phishing, though. You still need to be vigilant, because they will try to phish an authenticator password out of you, and then immediately log on and attach a different authenticator to the account.

This is all assuming the previous hacker hasn't already attached his own authenticator to the account.

LiquidMantis wrote:

$6.50 is nothing. These cost my company $100 per user for hardware and license, although we aren't doing quite the bulk that Blizzard is I'm sure.

I'm honestly surprised Blizzard isn't just packaging them in with their games at this point.

Even so, I'm 100% certain the smartphone app is an in-house copycat of the same technology that they don't pay anything for, licensing-wise.

LobsterMobster wrote:

Just got my account back. Looks like my WoW account got banned.

Neat!

That... sucks? Honestly, you're better off.

I got hacked last week as well, they have restored all my accounts on WoW, but it is currently banned. It's been turned off for almost 2 years, so I had taken the authenticator off. Needless to say I reattached that, changed all my passwords and such.

I was not being sarcastic (for once). I have no interest in playing WoW.

I put in an order for an authenticator and set up my account to text message me if there's any activity on it. Y'know, if they can put it on a cell phone they should really just make a downloadable free version. If someone has my entire computer, I have bigger problems than my Battle.net account.

I just don't really like the idea of tying my access to a tiny little fob that looks very easy to lose or break, and which will inevitably run out of batteries in a few years.

LobsterMobster wrote:

I was not being sarcastic (for once). I have no interest in playing WoW.

I put in an order for an authenticator and set up my account to text message me if there's any activity on it. Y'know, if they can put it on a cell phone they should really just make a downloadable free version. If someone has my entire computer, I have bigger problems than my Battle.net account.

I just don't really like the idea of tying my access to a tiny little fob that looks very easy to lose or break, and which will inevitably run out of batteries in a few years.

There is a mobile authenticator app for all major phones, if that's what you mean. That's what I use, not the fob, I've had it since it came out.

The fob batteries, assuming no defects, will last 8 years.

What I ended up doing was, I bought some of those 3M Command hooks and attached it to my monitor, and that's where my fob lives. I've had one since right around when Blizzard started offering them and haven't lost it yet.

Happytime Harry wrote:

There is a mobile authenticator app for all major phones, if that's what you mean. That's what I use, not the fob, I've had it since it came out.

I don't own a smart phone.

NSMike wrote:

The fob batteries, assuming no defects, will last 8 years.

What I ended up doing was, I bought some of those 3M Command hooks and attached it to my monitor, and that's where my fob lives. I've had one since right around when Blizzard started offering them and haven't lost it yet.

Suppose I do have some krazy glue I could use...

If you lose/destroy the authenticator, Blizzard support is good about removing it. You have to send them a copy of a government ID and such, but it is doable.

Beta is still live! As much fun as it was playing a battlemage wizard, the monk's flaming whirlwind kick is awesome.

If you lose/destroy the authenticator, Blizzard support is good about removing it. You have to send them a copy of a government ID and such, but it is doable.

This happened to me. I called up support and they asked for some unique detail from my account (I gave them the CC# I used when I bought Starcraft II through battle.net) and then they unbound the authenticator.

LiquidMantis wrote:

Beta is still live! As much fun as it was playing a battlemage wizard, the monk's flaming whirlwind kick is awesome.

Yeah, I think it's live until 10:00AM PST if memory serves.

Please add me to the great D3 playlist in the cloud - SpyNavy#1599

Regarding authenticators - The Old Republic has these too, and Blizzards smartphone app is leaps and bounds better. I'm glad these are finally becoming more mainsteam, it's a really easy to use and effective security option. You can set it up for your Google account as well, which I highly recommend doing.

I want to add that anyone who thinks the smartphone app is more reliable than the FOB, they should consider that any time you need to wipe your phone, you will need to sign in and detach the authenticator, wipe the phone, then reattach it after. Phones are less reliable than FOBs.

drdoak wrote:

I want to add that anyone who thinks the smartphone app is more reliable than the FOB, they should consider that any time you need to wipe your phone, you will need to sign in and detach the authenticator, wipe the phone, then reattach it after. Phones are less reliable than FOBs.

Actually you don't. All you need is a restore code, which the app gives you when you set it up (Blizzard prints, in big red letters, that you should write the code down). If you lose your phone, buy a new phone, or have to wipe your phone, you just punch that code in and it automatically detaches the authenticator so you can set it up again.

I also argue that this is no different than the case of if you lost your FOB. The only difference is that if you lose your phone, you can do all this yourself in 10 minutes, where as if you lose your FOB you have to contact Blizzard and they have to do it all for you. I think the phones are far more convenient, but Lobster points out that not everybody has a smartphone, so I'm glad that both exist.

That feature wasn't around when I actually cared about WoW, so that's a nice thing. It was quite a hassle to remove the authenticator at the time.

Ya they added the restore code for that. I had that happen on 2 consecutive iPhone upgrades when I forgot to do it.

Oh man, is this going to be a problem with Diablo III as well, now that money's going to be involved? :/

I'm sad to say that money is never not involved any more.