I was surprised to see this as anyone, more surprised after I read all that had happened with the new World of Warcraft trojan, and realized this is probably the method used to perpetrate the deed. This is a simple tool, it’s the Java program found on most mobile phones, but this also comes with an emulator, which will in turn allow you to use this file on your Windows computer. Sorry Mac, you’re going to have to wait a bit longer.
I myself verified it does work, it will work as a mobile desktop authenticator. Great if you want your own little Core Hound pet. Even though It’s not officially supported on other phones, if you can run the jar file from your java enabled phone, you can use this as an authenticator directly off your phone.
loading…
You may also like -
Google Authenticator Support
WoW: Chuck Norris Commercial
SC2: 5 Ways to improve your game
Diablo 3: WARNING PHISHING EMAILS
Comments RSS
Entries RSS
Excuse me if I’m wrong, but doesn’t this succesfully remove the sole purpose of an authentication method like the mobile solution? I mean, the reason for having it on cell phones and authenticator gadgets is that it is an external source, therefore can not be read by trojans and the like.
Any thoughts? A trojan could easily be built to send the authentication key to a server who immediately uses the key. This would not happen with external devices. In my view, this is just taking a working safe solution and converting it to an unsecure one.
Correct me if im wrong but the authenticator displays a picture with the characters (numbers) you have to enter not the text numbers themselves so you still have to type them in manually and i don’t know of a single trojan which can get any useful data from a picture…
I’ve just updated the native Windows Battle.net open-source authenticator with a new version that can send backups of your data by email. As it’s open-source, so you build it yourself and be sure it is safe. Whilst a physical device or phone app is always recommenced, this is still better than nothing.
http://code.google.com/p/winauth/Edit by Admin – For safety, do not allow this program to access any browser nor internet connection. Also, we recommend you use the code to build your own authenticator, rather then using the pre-compiled version!
Thanks for keeping the link.
I understand your warning and even agree with it myself
The whole point of creating the open-source version was to allow anyone to read through the source code, build it themselves and not be concerned. That is my recommendation too.
Actually, I recommend you go get a real authenticator from Blizzard’s store, or even a phone app. But this is a useful backup or alternative if those are not viable.
On internet access: you would need to allow it to access the net connection to enroll an initial authenticator, as it has to communicate with the Battle.net servers. You can disable access after that. It may also try and sync time with the Battle.net server if it detects your computer’s time is off by 30 seconds.
If anyone has questions, you can contact me through the Google Code project website http://code.google.com/p/winauth/.