How to Reset Your Blizzard Password and Protect Your Battle.net Account
Do you enjoy playing computer games from Blizzard Entertainment like Diablo II, Warcraft 3, and World of Warcraft? If so, you have to review your account security as soon as possible.
Activision Blizzard has confirmed that a security breach compromised a huge number of Battle.net accounts. Blizzard has informed North American players that servers (this includes servers in North America, Latin America, Australia, New Zealand, and Southeast Asia) that hackers have stolen multiple user e-mail addresses, answers to security questions, a database of user passwords, and private info connected to dial-in and smartphone app-based Two-Factor Authentication.
Blizzard reps commented that the stolen data alone isn't enough to hack into gamers' accounts. The passwords are crystallographically protected by the Secure Remote Password (SRP) protocol, a key-based authentication system. Activision Blizzard noted that anyone trying to break through the user passwords would need to decode the passwords one by one, which would take an incredible amount of man-hours.
That said, it's strongly recommended Battle.net users change their passwords and if you're a Battle.net gamer here's what you need to do:
How to change your Battle.net password
Log into Battle.net and click on the "Account" button at the top of the page. Then click "Settings" on the next page and choose "Change Password" from the drop-down menu.
A security question change is inbound.
Currently, Blizzard doesn't have a mechanism in place to allow you to change your security questions freely, which is a problem if these hackers have Battle.net users' security questions and answers. However, the video games giant says it is working hard on a feature that will let you change your security question through the account management site. After the new feature goes online, you will be able to modify your security questions as you see fit.
Two-Factor Authentication app will be updated.
Blizzard's free 2FA smartphone app, Battle.net Mobile Authenticator, was also apparently hacked. Blizzard reps said that the data "could potentially compromise the integrity of North American Mobile Authenticators." Even worse, Blizzard explained that hashed phone numbers were also compromised for users of Dial-in Authenticator.
Mobile Authenticator users need to wait for an update for the mobile app, but it's unknown if the Dial-in Authenticator will get anything.
Despite the potentially problematic stolen data, it's still recommended that you use Blizzard's 2FA. By using Two-Factor Authentication, you are creating an extra step for hackers to go through. However, it's best to wait until Blizzard deals with the issue before you enable it.
You can purchase the physical authenticator directly from Blizzard. The company offers Battle.net users 2FA through a paid keychain attachment, which gives you a log-in code or the Mobile Authenticator app.
Use the SMS Protect option
A secondary protection tool called SMS Protect exists. It will send a text message to your phone if suspicious activity is found on your account. It will also inform you of major changes, like password modification. SMS Protect can be used to unlock your Battle.net account, remove an authenticator, recover your account name, and reset your password.