Gaming Goes Two-Factor Authentication
- May 11th, 2010
- Write comment
It is pretty telling how far online gaming, especially MMO (Massive Multiplayer Online) gaming, and other new media have come in recent years. Technologies typically reserved for use by security minded corporate IT executives are now making their way into online gaming.
An IT security specialist may want to add a second layer of authentication credentials to protect valuable company assets accessible on a company Intranet. Typical corporate users are known to use weak passwords. One might suggest that the use of strong password conformance programs or generation of strong passwords be used. This is easily responded to with reality. Anyone who has worked in IT in a corporate environment knows that executive arm twisting takes place and often these rules go wayside for some users. For example, the fictional CEO that always forgets his password unless he uses his daughter’s name and birth year ”Jane2001″.
One answer to this security dilemma: Two factor authentication. This leverages the security philosophy of something you have and something you know. You see, someone may know or guess your password, but unless they have this other physical thing, the password does them little good. This other physical thing could be an access card, smartcard, authentication token or key on a memory stick, or better yet a small device that generates a six digit code every so often that matches the same code generated on the server side every so often. We are talking about DIGIPASS® by Vasco Data Security Intl. , or SecurID® by RSA Security. So, a user login may go like this: user enters username and password, then pushes button on SID device which provides the six digit code which must be entered with the other aforementioned credentials. This has been around for years, but this is the first time I have ever seen a game or game network offer this technology to its users.
The fact is, gamers invest a great deal of time and money into this new era games and these accounts can accrue considerable value. Enough so that phishing, account theft, etc. are reported at a blistering rate. Battle.Net, a Blizzard Entertainment company, most known for the management of millions of World of Warcraft® accounts has implemented such security technology recently. Battle.Net uses DIGIPASS® by Vasco Data Security Intl..
“The Battle.net Authenticator is designed as a supplemental authentication method for your World of Warcraft® account, giving you the security of Two-Factor authentication. Each time you log in using the Battle.net Authenticator you are provided with a unique, one-time use password to use in addition to your regular password. Log in with both and you can rest easy knowing that your account is now even more secure from malicious attacks such as key loggers and trojans.”
Battle.Net Keychain Authenticator
Attaching one’s account to the authenticator is ultra simple and the price for this cool little gadget is less than $7 US. But, you don’t need the keychain authenticator to tap into Battle.Net’s two-factor authentication; they offer a mobile application for free that does the same thing, and it is available for iPhone/iPod Touch, Android, and other mobile phones.
As social networking, gaming, and life online all continue to evolve, look forward to this security technology becoming much more common place.