Is your World of Warcraft account more secure than your online banking account?
Blizzard, creator of the immensely popular MMORPG game World of Warcraft, has come out with authentication tokens as an added layer of security for game account holders. For $6.50, you can order a key fob that generates a random number when you press a button on the fob. Account holders who have tied their accounts to this authentication token will be required to enter that random number along with their standard username and password in order to login to the game.
The idea here is that even if someone else has obtained the player’s username and password, they will be unable to login unless they have the authentication key fob physically in their hand, since the number generated by the token expires after a certain time and is randomly generated each time the user pushes the button on the key fob itself.
I used to have one of these Citrix-based key fobs when I worked at a blood bank in California, and the token was required in order for me to access the internal network from a remote location. Understandable, since the blood bank network contains quite a lot of very personal information such as social security numbers and donor eligibility based on any diseases the donor might have.
Blizzard’s move certainly makes a degree of sense, considering some high-level, well geared WoW accounts can sell for $1000 or more, and an account of that stature has clearly taken months or years of the account holder’s life to attain. Paying $6.50 for an extra layer of protection on your time and money investment seems like a pretty good idea.
What is perhaps a little troubling, however, is that neither of the two banks I do business with offer this level of security to protect my actual bank accounts. My online banking systems, both of which are hooked into bill paying, online statements, full account histories, scanned check copies (through which my checking account number could easily be snagged), are merely a username and password away.
Would you pay seven bucks for an extra layer of security on your banking information? I know I would. So what are the banks waiting for? Why is my video game using a more secure two-factor authentication system, but my banking institution is not?
And as a side note, as these types of systems become more commonly implemented (as they should be), is there a company out there that will find a way to tie multiple systems together, so I don’t have to walk around with 15 different key fobs?