08-14-2012, 02:50 PM
There is no reason NOT to have an authenticator IMO. Even if you don't have a smartphone apparently you can easily find Android emulators and use the mobile Android version. It can be set to only ask for token authentication once per week or when logging in from a new location so the annoyance factor is minimal.
Mav is right though- having a unique B.net password will go a long way towards ensuring that you're protected. I think a large majority of Blizzard hacking victims use the same password on other websites, and when THOSE websites get hacked, their B.net account is a casualty. So you can have a unique B.net password, or use the same password as other places and have an authenticator. Do both to be more fully protected.
Somewhat off topic but it may be helpful: my email got hacked awhile ago through the method above (an unrelated site had their password DB stolen) and I stupidly used the same password on multiple other sites, most notably Facebook and Gmail. Commence the whole "help I'm stuck in London plz send money" scam, jeering from my friends & relatives, etc etc etc. Lesson learned, don't use the same password everywhere. I sat down and made a list of sites that I have accounts at, and holy cow there are a lot. So I came up with a password scheme that let me have different passwords at every site but was still easy to remember: a passphrase + name of the site. So my passphrase, for example, might be the first characters of each word in the sentence "This is my super-secure password for Battle.net!" (Timsspfb!). Swap out Battle.net for whatever site you need a password for (Timsspfg! for Gmail, etc), and voila! a fairly easy to remember password scheme that can be relatively unique amongst all websites. Obviously you'll have to modify the scheme slightly for some sites that start with the same letter, but it's a good base to start with.
/derail
Mav is right though- having a unique B.net password will go a long way towards ensuring that you're protected. I think a large majority of Blizzard hacking victims use the same password on other websites, and when THOSE websites get hacked, their B.net account is a casualty. So you can have a unique B.net password, or use the same password as other places and have an authenticator. Do both to be more fully protected.
Somewhat off topic but it may be helpful: my email got hacked awhile ago through the method above (an unrelated site had their password DB stolen) and I stupidly used the same password on multiple other sites, most notably Facebook and Gmail. Commence the whole "help I'm stuck in London plz send money" scam, jeering from my friends & relatives, etc etc etc. Lesson learned, don't use the same password everywhere. I sat down and made a list of sites that I have accounts at, and holy cow there are a lot. So I came up with a password scheme that let me have different passwords at every site but was still easy to remember: a passphrase + name of the site. So my passphrase, for example, might be the first characters of each word in the sentence "This is my super-secure password for Battle.net!" (Timsspfb!). Swap out Battle.net for whatever site you need a password for (Timsspfg! for Gmail, etc), and voila! a fairly easy to remember password scheme that can be relatively unique amongst all websites. Obviously you'll have to modify the scheme slightly for some sites that start with the same letter, but it's a good base to start with.
/derail