Dial-in Authenticator Review

When it comes to my wow account security, I’m an early adopter.  I use a unique password of nonsense numbers and letters that make no sense and I use for nothing else.  I keep all my virus and mallware scanners up to date.  I never visit sites that are geared at phishing passwords (unless there is a good post involved).  In fact when I first heard of Blizzard’s Original Authenticator, I bought one the very morning they went on sale before they sold out.  I posted my Blizzard Authenticator review as soon as it arrived.  As soon as Blizzard launched the Mobile Authenticator, I downloaded it on my 2nd gen iTouch and gave my original to my wife for her account.  A few months back when I got an DroidX android powered phone which I always keep with me, I swapped over to the Android version of the Blizzard Mobile Authenticator.  So since they have come out, I have tried every version of the Blizzard Authentitor except for the versions for Java powered phones.  It should be rather obvious that I want to test out the new Dial-in Authenticator.

Now this is a pretty neat concept.  One of the things that is bothersome about the autenticators is the simple fact that …well you have to use them.   Having to track down your keyfob or launch your app to get your code can sometimes be a nusence.  I’ve been using a Authenticator in some for or another since summer of 08.  Even so, its kind of annoying.  What the Dial-in Authenticator does is simply protect your account with out that code.  Once Blizzard sees a login from an unrecognized IP address, the authentication part kicks in and requires an extra step.  You’ll have to dial a 1-800 number, input the pin you gave it at setup, and bam…they read you off a code which you use to log in with.

Setting up with pretty simple.

  1. Log into
  2. If you have an authenticator on your account you’ll need to deactivate it.  This is the same process for detaching any authenticators (except maybe the new Dial-in Authenticators).  First chose to remove authenticator.  This will send an automated email to your address on file to verify that this is you doing this.  Once you click that verification link in the email you’ll be able to continue onto the second step.  You must now enter in 2 sequential back-to-back authenticator codes.  This can take about 30 seconds as you have to wait for the 2nd code to refresh.  This will verify that you are indeed wanting to do this and have the right authenticator in your hand.
  3. Once the account has no authenticator attached, you may add a new one (in this case, the new Dial-in Authenticator).
  4. Choose which phone you will be calling from (I used my Google Voice number as it will be consistent no matter what cell phone or house number I’m calling from.)
  5. Then you must call the 1-800 number they give you from the phone number you gave them (aka my Google Voice #).
  6. You will then be prompted to enter in a pin number of your choosing.  Then enter it once more to confirm.
  7. Profit! You are now protected!

Now I can simply log in without having to type in any pesky information besides login name and password.  Since I just added this to my account this morning, I don’t have extensive test data to report on what happens when I log in elsewhere or what the process is if you want to remove the Dial-in Authenticator.  This does however leave me with a feeling of “Is it really on? Can I trust this?”.  I suppose that is only natural since I’ve used this almost daily for 2+ years now.  Perhaps they could add some sort of notification window when you log in.   A quick half second message of “login on from a authenticated location” just as they flash up “submitting non-personal system information” from time to time.   Just a thought.  If anything more exciting comes up with this I’ll be sure to update my review.  I’ll also be sure to post if my account is hacked by this afternoon!  😉

This entry was posted in General and tagged , . Bookmark the permalink.

4 Responses to Dial-in Authenticator Review

  1. Rhii says:

    Interesting! I wonder does it store authenticated locations for things like your account and the armory login also? That’s the only time I really find the authenticator bothersome, is when I am trying to log into my account preferences or something.

    I may give this a try, just to see if cutting out the extra step at login is convenient. I don’t know though, I like the tangible sense of security I get from typing in the numbers.

    • Aurdon says:

      Rhii, as always you are genius…that’s how I’ll test. I’ll log into via my remote desktop at work and see what happens. Update later today on that.

  2. Michael says:

    It has been almost a year, are you still using this? Do you still feel secure? Update Please.


Leave a Reply

Your email address will not be published. Required fields are marked *