[How To] Keep your World of Warcraft Account Safe

[Energizer Rabbit]

Ok Before i get into all of this: THIS IS NOT 100% FOOL PROOF. If you would like me to add somthing to this guide please Private message me or leave a comment below. I will read comments and respond to them as quickly as possible.

1. Keep your Antivirus/Spyware protector up to date. Don't Stop scans that pop up. Atleast scan your computer once a week to protect from viruses/keyloggers.

2. If you have the money buy a Authenticator. This is a 95% geruntee of keeping your account safe. No one can change anything without knowing your last name or SQA by contacting blizzard. Or if you have an iphone/ipod download a Mobile authenticator by searching Battle.net or Mobile Authenticator in the apps Section of Itunes.

3. Change your password every week or so. I reccomend changing your password every Friday. Hackers usually strike then because they can keep the account all weekend until monday.

4. Download addons ONLY from curse.com if it has an EXE file do not run it. Addons do not require you to run an exe. It should just be a folder that you can coppy and paste in to your Wow>interface>addons folder. (this is what happend to me i downloaded an addon from a non curse site and was keylogged)

5. This one is pretty obvious. Don't share your passwords. Just because he/she is your friend dose not mean your safe.

6. Don't Account trade! These are often scams. This compromises your account info so if you ever get your account back he could call up blizzard and hack it back at any time!

7. Don't Fall For phishers! Be Smart before you log in always check the URL. If its not worldofwarcraft.com/battle.net its a bad idea to log in there.

8. Don't use your same username/password on private servers. They could just check the logs and decide to try it out.

9. Never, Never, never Put your password in a file on your computer. People can open the file like friends or a Keylogger could find it just like that by searching your files.

10. For your Battle.net DO NOT use your Name in your email such as [email protected] that could make it easier for them to compromise your account.

11.Blizzard Employees will never ask you for your account name or password (they have that information already)

12.ALL Blizzard GMs use a popup chat to answer your help tickets NOT your normal chat log

13. Don't use any of your personal private information in any wow passwords or account names (EG: last 4 of your SSN, your DOB, ect)

More will be added upon request or Revision. Thank you for reading!

11-13 added by Oomkin!

[jAy?]

Hey Rabbit... this is a great guide...thank you for taking your time to make this safety guide

Rep +2 for making a great guide

Edit : Rep +3 sorry =)

[Chaosmaster]

New most, but thanks for the guide anyways +Rep for effort!

[Oomkin]

great guide heres a few more tips to add

Blizzard Employees will never ask you for your account name or password (they have that information already)

ALL Blizzard GMs use a popup chat to answer your help tickets NOT your normal chat log

Dont use any of your personal private information in any wow passwords or account names (EG: last 4 of your SSN, your DOB, ect)

[nixxor]

You could get an authenticator..

[mazing]

Great guide, good stuff to know

[TuFF]

This all is common sense TBH.

[DragonWaxter]

yeah lol this is bs common sence

[sweetgnome]

Might be common sense, but common sense exists because people who have it share it with those who don't. It doesn't just magically appear out of thin air.

Maybe
"Those visiting this site should already know this, because of the type of people that visit mmowned are tech-savvy".
Is a more correct term.


we are just too lazy for all that changing password stuff, you make a password, you expect that thing to keep out barbarian hordes.Forever.

Here's a few LAZY MAN solutions to password/wow account security:

1. Write your password down if you play at home, this allows it to be long enough to be effective. 18 characters etc not the full password, just a reminder. write this on a piece of paper with a 'secret agent UV light pen' so you need the pen to see it, then hide inside a half full tic-tac container in case you forget.

e.g. 2p1ustwentyequals22
This makes a brute-force hack have to go through every letter/number combo. Never use two words that exist and put them together. (obvious)

2. Type your password in first if at an Internet cafe/friend over your shoulder etc
"could you please turn away best friend of mine, I suspect you might secretly be scum out to steal my pass" then quickly type your account name and hit enter, the loading screen will obscure your account name, meaning they won't have a chance to get a good look at it.

3. when typing your password/account name ad in some 'trash characters'
e.g. 222p1ustwentyequals2245daf then take two off the start and 5 off the end, foiling anyone looking over your shoulder/a keylogger.
Unless the keylogger is taking pics of your screen to see how many you delete, but that's unusual.

222p1ustwentyequals2245daf delete delete delete

That's what the keylogger would pick up, and if you picked a non-semantic password it would actually work. e.g. 75468lettuce49carrots2621356 delete delete delete
actual password is lettuce4carrots doesn't mean anything, that's good.
2p1ustwentyequals22 is bad because even with numbers added on it can be guessed.

It also pays to use THE SAME trash numbers/letters in your password every time, so keylogging won't reveal your password over time.
Feel free to write down the trash numbers/letters you use, and keep the password in your head. Friends and Family won't be able to do anything with the 'trash'.

Can also copy and past from a text file for part of your password, it ads another level of security to the above method, and by itself has no value. Hide it in text/gibberish if you want.

There you go, Lazy ways to improve security.
Things you might actually try if you don't do them already.

Nobody here is going to change their password regularly, too much work and only serves to foil a brute force attempt targeted at you specifically. Which is so rare compared to keylogging etc as to be negligible.


"4. Download addons ONLY from curse.com"

yes, curse is good but be careful. If somehow something from curse has an .exe treat it with caution. Highly unlikely, but the site you think is curse may be a phishing site etc
*dons Tinfoil hat*
"The higher you place your faith in one man, the farther it has to fall"-Diablo

and...don't go to the Deeprun Tram without an adult guardian if under the age of 10

[michael93]

Sweetgnome i get your point and all..

But you cant have a password longer then 16 chars..

Try make a password that is 27 chars long and type it in.. then try only type in the first 16 chars.. should still work..

Also, alot of people dont know that they can add @ into their passwords just to make them, alittle, more safe..

[Guitargod126]

I have a question. I'm buying a guy's account.. He's local and a friend of a friend, however if I buy it off him and he one day decides that he wants it back, he could just secret question that shit and get it back. $250 gone.

But, I did some research.. The account is NOT yet synced up with a battle.net account. I'm told that if I do that, it adds another layer of "security" and allows me to change the secret question once again.
After that, I'd get an authenticator, just to further increase my security.
BUT after all that, if he bothered to call Blizzard, he could still get it back, right...?
Not sure if I'm asking in the right place. But it's about keeping your account safe, and that's what I need to do. x.x

Edit - + Rep by the way. Been WoWin' it up for 5 years now and I never even though of a few of these.. Especially the same Username/Password on private servers. Never thought of that.

[faithzz]

Yea , Authenticator is the ultimate security. i recommend everyone to use it its not that expensive.

[*Phaze]

+Rep for the effort bud.

[Energizer Rabbit]

Bump!!ZZzzzzz

[Henessy]

Energizer Rabbit, you're not allowed to bump your own threads.

Also, A LOT Of the stuff you mentioned above is common sense and are already spammed in the WoW Scams section. Either look back on the threads and don't post useless threads, or get flamed.