After two more guildmates got hacked last week, I decided to check and change my account security. I’ve used an authenticator since shortly after they were released, which I think is 90% of the protection that can be applied.
The other 10% is a combination of obvious email addresses, spyware, and repeated passwords for different purposes.
If for whatever reason you don’t have an authenticator then please get one. I really believe that if the hackers find an account with an authenticator then they’ll think about an easier target. Even if there are only 5% of players who don’t have them (only blizzard knows I guess), then that is still 550,000 of 11 million accounts. Would you rather be in the group that are easy targets, or the group that are significantly harder to hack?
Like most folks ReadID and the BattleNet integration was not around when I picked which email address to use, and my Warcraft account name was not too crazy, but still in the bounds of something I could remember. When we all changed to using our email addresses to login I kept with the default one I’d used for sign-up.
This is a bad idea, and needed to be changed.