Latest Diablo 3 News
DiabloWiki Updates

Third-party Blizzard authenticator for Windows.

Discussion in 'Diablo 3 Community Forum' started by nurman, Nov 10, 2012. | Replies: 0 | Views: 3793

  1. nurman

    nurman IncGamers Member

    Joined:
    Dec 8, 2009
    Messages:
    4,298
    Likes Received:
    7
    Trophy Points:
    348
    I started using this so that I could use the D3 RMAH and I did not have an Android / iPhone (I use a Symbian Nokia :thankyou: ) Works quite well I, admit.

    And no, I did not make it.

    If you want to play safe, just get an official authenticator. This is for us cheapskates.

    Hosted here.
    http://code.google.com/p/winbma/

    Alternative with GW 2 support (I use this one myself).
    http://code.google.com/p/winauth/

    THIS AUTHENTICATOR IS NOT SUPPORTED BY BLIZZARD AND IS BASED UPON EMULATING THE ANDROID VERSION OF THE AUTHENTICATOR ON A WINDOWS PLATFORM.



    Info copied from the site.
    Description

    WinBMA is a Windows based Battle.net Authenticator which allows people who don't have access to a smartphone supported by the official BMA to still be protected by an authenticator.
    [​IMG]
    WinBMA supports multiple authenticators. You can save your authenticators to ".bma" files which can be imported again if you need to transfer an authenticator from one computer to the other.
    Important: Using this authenticator on the same computer as your WoW installation does NOT protect you against malicious software stealing your information. For maximum security, use this authenticator on a different computer then your WoW installation. See Security Implications.
    Features


    • Supports multiple BMA's
    • BMA's can be identified with a label of your choice
    • Auto/Manual resync with Blizzard's Auth servers (once a week)
    • Import and export BMA through the .bma file format
    • One-Click Copy of generated key and serial
    • Strong Encryption Options (AES-256/PBKDF2 and/or Windows Data Protection)
    • Restore Codes supported
    • Themes
    Themes

    [​IMG] [​IMG] [​IMG]
    Security Implications

    Using a PC based authenticator versus a mobile or hardware one does not protect you against malicious software. Since the security token has to be stored on your computer, malicious software could steal that information and generate working authenticator codes.
    This is the reason why Blizzard does not release a PC authenticator. The high-visibility of an official PC authenticator would make it completely useless at stopping malware-based attacks.
    However, this does not mean that using a Windows-based authenticator is completely useless. An authenticator protects you on multiple levels:

    1. It almost completely neutralizes and prevents brute-force attacks.
    2. It protects you against data mining from other account compromises (a strong, unique password for each of your accounts also does that, never use the same password twice).
    3. It protects you against common phishing attacks (however, an attacker could request 2 authenticator codes and unregister your current authenticator)
    4. It protects you against keyloggers and malware
    This authenticator does all of the above EXCEPT point 4 when WinBMA is installed on the same computer as your WoW installation. While it will protect you against generic keyloggers, malware written specifically for stealing WoW account information could include support for WinBMA and steal your authenticator unencrypted security token and generate working authenticator codes for your account. To mitigate this, please encrypt your tokens using a password (different than your Battle.net account password).
    For maximum security, please use an official hardware/mobile authenticator or use the above authenticator on a separate computer then your WoW installation.

    Quite nifty I must say. :pancake:

Share This Page