• Log InLog In
  • Register
Liquid`
Team Liquid Liquipedia
EDT 16:18
CEST 22:18
KST 05:18
  • Home
  • Forum
  • Calendar
  • Streams
  • Liquipedia
  • Features
  • Store
  • EPT
  • TL+
  • StarCraft 2
  • Brood War
  • Smash
  • Heroes
  • Counter-Strike
  • Overwatch
  • Liquibet
  • Fantasy StarCraft
  • TLPD
  • StarCraft 2
  • Brood War
  • Blogs
Forum Sidebar
Events/Features
News
Featured News
Code S RO12 Preview: GuMiho, Bunny, SHIN, ByuN3The Memories We Share - Facing the Final(?) GSL39Code S RO12 Preview: Cure, Zoun, Solar, Creator4[ASL19] Finals Preview: Daunting Task30[ASL19] Ro4 Recap : The Peak15
Community News
Code S RO12 Results + RO8 Groups (2025 Season 2)3Weekly Cups (May 19-25): Hindsight is 20/20?0DreamHack Dallas 2025 - Official Replay Pack8[BSL20] RO20 Group Stage3EWC 2025 Regional Qualifiers (May 28-June 1)60
StarCraft 2
General
The SCII GOAT: A statistical Evaluation The Memories We Share - Facing the Final(?) GSL Is there a place to provide feedback for maps? Code S RO12 Results + RO8 Groups (2025 Season 2) CN community: Firefly accused of suspicious activities
Tourneys
EWC 2025 Regional Qualifiers (May 28-June 1) RSL: Revival, a new crowdfunded tournament series DreamHack Dallas 2025 Last Chance Qualifiers for OlimoLeague 2024 Winter [GSL 2025] Code S:Season 2 - RO12 - Group B
Strategy
Simple Questions Simple Answers [G] PvT Cheese: 13 Gate Proxy Robo
Custom Maps
[UMS] Zillion Zerglings
External Content
Mutation # 476 Charnel House Mutation # 475 Hard Target Mutation # 474 Futile Resistance Mutation # 473 Cold is the Void
Brood War
General
BGH auto balance -> http://bghmmr.eu/ Will foreigners ever be able to challenge Koreans? Battle.net is not working BW General Discussion Which player typ excels at which race or match up?
Tourneys
[ASL19] Grand Finals [BSL20] RO20 Group Stage [BSL20] RO20 Group D - Sunday 20:00 CET [BSL 2v2] ProLeague Season 3 - Friday 21:00 CET
Strategy
[G] How to get started on ladder as a new Z player I am doing this better than progamers do.
Other Games
General Games
Mechabellum Monster Hunter Wilds Path of Exile Nintendo Switch Thread Beyond All Reason
Dota 2
Official 'what is Dota anymore' discussion
League of Legends
LiquidLegends to reintegrate into TL.net
Heroes of the Storm
Simple Questions, Simple Answers
Hearthstone
Heroes of StarCraft mini-set
TL Mafia
Vanilla Mini Mafia TL Mafia Community Thread TL Mafia Plays: Diplomacy TL Mafia: Generative Agents Showdown Survivor II: The Amazon
Community
General
Things Aren’t Peaceful in Palestine US Politics Mega-thread Russo-Ukrainian War Thread All you football fans (soccer)! European Politico-economics QA Mega-thread
Fan Clubs
Serral Fan Club
Media & Entertainment
[Manga] One Piece Movie Discussion!
Sports
Formula 1 Discussion 2024 - 2025 Football Thread NHL Playoffs 2024 NBA General Discussion
World Cup 2022
Tech Support
Computer Build, Upgrade & Buying Resource Thread Cleaning My Mechanical Keyboard How to clean a TTe Thermaltake keyboard?
TL Community
The Automated Ban List TL.net Ten Commandments
Blogs
Research study on team perfo…
TrAiDoS
I was completely wrong ab…
jameswatts
Need Your Help/Advice
Glider
Trip to the Zoo
micronesia
Poker
Nebuchad
Info SLEgma_12
SLEgma_12
SECOND COMMING
XenOsky
Customize Sidebar...

Website Feedback

Closed Threads



Active: 15231 users

Should we act to ensure more security?

Blogs > darkness
Post a Reply
Shield
Profile Blog Joined August 2009
Bulgaria4824 Posts
Last Edited: 2012-05-28 04:40:50
May 27 2012 23:06 GMT
#1
Okay, I just found out passwords on bnet aren't case sensitive. This means that it doesn't matter whether your password is coolguy or CooLGuY. Battle.net treats them the same. I think it's fair to say that most services require correct typing of passwords including upper and lower cases.

Do you think it's a good idea to demand case sensitive passwords? Should we let Blizzard know about our demand? If most of you answer "yes", can someone start a proper organised thread please in order to draw Blizzard's attention? I'm not good at writing smart, so I'm kinda useless.

Ok, there's a poll for you:

Poll: Case sensitive password?

Yes (15)
 
58%

I don't care (9)
 
35%

No (2)
 
8%

26 total votes

Your vote: Case sensitive password?

(Vote): Yes
(Vote): No
(Vote): I don't care



Update:
+ Show Spoiler +

I contacted Blizzard, and this is what I got as an answer:


Hello,

Sadly we in the GM team are not responsible for the overall account security, please keep this to the forums (you will find multiple posts on this already) however sadly even if passwords were case sensitive it would make very little difference to the amount of losses on accounts, case sensitive or not people are still getting keylogged, we are yet to come across a case of an account being brute forced.

Also blizzard passwords have been this way since the very beginning of WoW, even before.

However your concerns are noted as are the conserns of the community at large.

Regards

Korgalos
Blizzard Entertainment
Customer Services EN




***
Cokefreak
Profile Joined June 2011
Finland8095 Posts
May 27 2012 23:11 GMT
#2
What? PW's aren't case sensitive? Then why the fuck have I been doing upper and lowercase pw's...
hifriend
Profile Blog Joined June 2009
China7935 Posts
May 27 2012 23:11 GMT
#3
I'm mostly just pissed that for all these years, there was a much simpler way of typing my password. -_- Yeah that's completely ridiculous.
Gheed
Profile Blog Joined September 2010
United States972 Posts
May 27 2012 23:17 GMT
#4
They already offer you free authenticators. Your password could be "password" and it wouldn't matter if you used one.
EtherealDeath
Profile Blog Joined July 2007
United States8366 Posts
May 27 2012 23:22 GMT
#5
Lol wtf why would passwords not be case sensitive.
Vivax
Profile Blog Joined April 2011
21954 Posts
May 27 2012 23:43 GMT
#6
Didnt know about this either, but Blizzard has my phone number to verify identity, so w/e.

Still a pretty unnecessary risk, why the hell wouldn't you make them CS?
JerKy
Profile Blog Joined January 2011
Korea (South)3013 Posts
May 27 2012 23:53 GMT
#7
wow. had no idea. blizzard what are you doing... you're almost making this too easy
You can type "StarCraft" with just your left hand.
Micen
Profile Blog Joined October 2011
United States34 Posts
May 27 2012 23:53 GMT
#8
The reason why, is that even with Authenticators being out, Blizzard has admitted to a security hole in the system allowing a hacker to bypass that phase of login. There were tons of people exploiting it to hack Diablo 3 accounts day 1. I'm not sure if it carries over into SC2, but it could be assumed considering that they share Account Information. It just brings the security up to par with most other commercial sites.
Go then, There are other worlds then these.
Gheed
Profile Blog Joined September 2010
United States972 Posts
May 28 2012 00:12 GMT
#9
On May 28 2012 08:53 Micen wrote:
The reason why, is that even with Authenticators being out, Blizzard has admitted to a security hole in the system allowing a hacker to bypass that phase of login. There were tons of people exploiting it to hack Diablo 3 accounts day 1. I'm not sure if it carries over into SC2, but it could be assumed considering that they share Account Information. It just brings the security up to par with most other commercial sites.


http://eu.battle.net/d3/en/forum/topic/4309703662

In all of the individual Diablo III-related compromise cases we’ve investigated, none have occurred after a physical Battle.net Authenticator or Battle.net Mobile Authenticator app was attached to the player’s account, and we have yet to find any situation where a Diablo III player's account was accessed outside of “traditional” compromise methods (i.e. someone logging using an account's login email and password).
Aelonius
Profile Blog Joined October 2010
Netherlands432 Posts
May 28 2012 00:20 GMT
#10
Gheed:

Blizzard has confirmed that a work-around that allows hackers to gain access to games protected by its authenticator tool has been invented.

This is the first confirmed case of a compromised World of Warcraft account with an authenticator attached. The affected user alerted others to the issue on the official forums, which was responded to by a Blizzard rep, who confirmed that the case was genuine. Other players then reported similar experiences.

Blizzard poster Kropacius informed readers that the type of problem was a ‘Man In The Middle’ attack. According to information from various affected users, the hacker gains access to a player’s system through a keylogger, thought to be a file named emcor.dll, which can be found in C:/Documents and Settings/Users/[username]/Application Data/Temp. Once infected, the PC will cause WoW to crash, prompting players to log back into the game. This is when the authenticator code is intercepted by the hacker, who sends on a different code to Blizzard’s servers, preventing the legitimate user from gaining access to the game. In the mean time, the hacker does have access to the account until the code resets, and can proceed to steal any gold and/or possessions from your characters.

The code on an authenticator changes every 30 seconds or so, therefore hackers only have access to the account until they log out. In the case of the original user who reported the issue, he was blocked from attempting to access WoW for 15 minutes after inputting “incorrect” login details too many times. During that time, the keylogger file was detected and removed. Nothing was changed in the account management on the official WoW site, but when he gained access to WoW after the lock-out, several in-game items were gone; the hacker had presumably been logged out when the owner logged back in.

Blizzard has always maintained that the authenticator was never a 100% fool-proof method of keeping game accounts safe, and should be treated as an additional layer of protection. This latest development further highlights the need to be aware of keyloggers, and to keep anti-virus software up to date. However, neither of these prevented the afore-mentioned user from falling foul of the scum of the internet.


Source: http://diablo.incgamers.com/blog/comments/first-blizzard-authenticator-hack-confirmed


Ontopic:
I do not want to use an authenticator for various personal reasons, but I do feel that the password policy of Blizzard is lacking terribly. Why can't we use special characters for example?
''The nine most terrifying words in the English language are: 'I'm from the government and I'm here to help.''—Ronald Reagan
Gheed
Profile Blog Joined September 2010
United States972 Posts
May 28 2012 00:28 GMT
#11
I hadn't seen that. However, that method relies on a person having a keylogger on their computer, which would render a case-sensitive password useless anyway.
dangthatsright
Profile Joined July 2011
1158 Posts
May 28 2012 01:34 GMT
#12
Erm.

Oh wow that actually works.

As mentioned above, most more sophisticated methods probably make case-sensitivity useless as a security measure, but it's a very good thing to force to, idk, make it much less easily dumbass-able.
SKC
Profile Joined October 2010
Brazil18828 Posts
Last Edited: 2012-05-28 01:46:55
May 28 2012 01:39 GMT
#13
Is it time to link this XKCD comic?
[image loading]

Seriously though, it's what Gheed said. Hacked accounts are basically never brute forced, and hacked accounts with authenticators, something that hasn't happened in D3 so far it seems, only in WoW, are not only much more rare but also impossible to brute force. Adding case sensitive passwords would change nothing.

Micen's post is wrong, they admited in a WoW case, but still say it hasn't happened in D3. Definatelly not "a ton of people".
JeeJee
Profile Blog Joined July 2003
Canada5652 Posts
Last Edited: 2012-05-28 03:36:13
May 28 2012 03:28 GMT
#14
Does it actually matter? It's not like anybody can bruteforce a password even if they know its only restricted to a-z0-9, don't they kick you out after a few guesses? If you're getting hacked, your password being stronger wouldn't help you since presumably you either got keylogged or phished or something like that.

edit: here's another appropriate xkcd comic related to this
[image loading]
(\o/)  If you want it, you find a way. Otherwise you find excuses. No exceptions.
 /_\   aka Shinbi (requesting a name change since 27/05/09 ☺)
Shield
Profile Blog Joined August 2009
Bulgaria4824 Posts
Last Edited: 2012-05-28 04:42:15
May 28 2012 04:42 GMT
#15
Answer from Blizzard:


Hello,

Sadly we in the GM team are not responsible for the overall account security, please keep this to the forums (you will find multiple posts on this already) however sadly even if passwords were case sensitive it would make very little difference to the amount of losses on accounts, case sensitive or not people are still getting keylogged, we are yet to come across a case of an account being brute forced.

Also blizzard passwords have been this way since the very beginning of WoW, even before.

However your concerns are noted as are the conserns of the community at large.

Regards

Korgalos
Blizzard Entertainment
Customer Services EN

Please log in or register to reply.
Live Events Refresh
BSL Season 20
18:00
Round of 20 / Group D
Bonyth vs Doodle
Bonyth vs izu
Bonyth vs MadiNho
Bonyth vs TerrOr
MadiNho vs TerrOr
Doodle vs izu
Doodle vs MadiNho
Doodle vs TerrOr
izu vs MadiNho
izu vs TerrOr
ZZZero.O279
LiquipediaDiscussion
Road to EWC
16:00
Europe Closed Qualifiers Day 2
TKL 666
CranKy Ducklings491
IndyStarCraft 375
CosmosSc2 207
EnkiAlexander 124
Rex112
LiquipediaDiscussion
[ Submit Event ]
Live Streams
Refresh
StarCraft 2
TKL 666
IndyStarCraft 375
CosmosSc2 207
Rex 112
Codebar 15
StarCraft: Brood War
Calm 3723
Rain 1736
Mini 298
ZZZero.O 279
firebathero 265
Dewaltoss 130
Hyun 16
Dota 2
qojqva4390
League of Legends
JimRising 476
Counter-Strike
Stewie2K1596
flusha519
Super Smash Bros
hungrybox989
Mew2King63
Heroes of the Storm
Liquid`Hasu544
Khaldor267
Other Games
summit1g6609
FrodaN5030
Grubby4892
B2W.Neo1328
Trikslyr82
KnowMe60
QueenE59
Has37
NightEnD6
Organizations
Other Games
gamesdonequick1351
StarCraft 2
Blizzard YouTube
StarCraft: Brood War
BSLTrovo
sctven
[ Show 20 non-featured ]
StarCraft 2
• kabyraGe 376
• Berry_CruncH90
• HeavenSC 12
• Hupsaiya 8
• Kozan
• LaughNgamezSOOP
• sooper7s
• AfreecaTV YouTube
• intothetv
• Migwel
• IndyKCrew
StarCraft: Brood War
• RayReign 11
• STPLYoutube
• ZZZeroYoutube
• BSLYoutube
Dota 2
• masondota21066
• Ler144
League of Legends
• Doublelift3443
• Shiphtur788
Other Games
• imaqtpie2168
Upcoming Events
Replay Cast
1d 3h
Replay Cast
1d 13h
PiGosaur Monday
2 days
Bellum Gens Elite
2 days
The PondCast
3 days
Bellum Gens Elite
3 days
Replay Cast
4 days
Bellum Gens Elite
4 days
Replay Cast
5 days
CranKy Ducklings
5 days
[ Show More ]
SC Evo League
5 days
Bellum Gens Elite
5 days
Replay Cast
6 days
SOOP
6 days
Sparkling Tuna Cup
6 days
AllThingsProtoss
6 days
Liquipedia Results

Completed

Proleague 2025-05-28
DreamHack Dallas 2025
Calamity Stars S2

Ongoing

JPL Season 2
BSL 2v2 Season 3
BSL Season 20
KCM Race Survival 2025 Season 2
NPSL S3
Rose Open S1
CSL Season 17: Qualifier 1
2025 GSL S2
Heroes 10 EU
ESL Impact League Season 7
IEM Dallas 2025
PGL Astana 2025
Asian Champions League '25
ECL Season 49: Europe
BLAST Rivals Spring 2025
MESA Nomadic Masters
CCT Season 2 Global Finals
IEM Melbourne 2025
YaLLa Compass Qatar 2025
PGL Bucharest 2025
BLAST Open Spring 2025

Upcoming

CSL Season 17: Qualifier 2
CSL 17: 2025 SUMMER
Copa Latinoamericana 4
CSLPRO Last Chance 2025
CSLAN 2025
K-Championship
SEL Season 2 Championship
Esports World Cup 2025
HSC XXVII
Championship of Russia 2025
Bellum Gens Elite Stara Zagora 2025
Murky Cup #2
BLAST Bounty Fall 2025
BLAST Bounty Fall Qual
IEM Cologne 2025
FISSURE Playground #1
BLAST.tv Austin Major 2025
TLPD

1. ByuN
2. TY
3. Dark
4. Solar
5. Stats
6. Nerchio
7. sOs
8. soO
9. INnoVation
10. Elazer
1. Rain
2. Flash
3. EffOrt
4. Last
5. Bisu
6. Soulkey
7. Mini
8. Sharp
Sidebar Settings...

Advertising | Privacy Policy | Terms Of Use | Contact Us

Original banner artwork: Jim Warren
The contents of this webpage are copyright © 2025 TLnet. All Rights Reserved.