Allow me to extend my non-purchase to you and all who share your point of view like a boycotting Jesus. Didn't see this coming, but the fact that the game needs a connection to play alone soured me on it before release.
-
Hey Guest. Check out your NeoGAF Wrapped 2025 results here!
Diablo 3 TOS and account bans.
- Thread starter Lostconfused
- Start date
Allow me to extend my non-purchase to you and all who share your point of view like a boycotting Jesus. Didn't see this coming, but the fact that the game needs a connection to play alone soured me on it before release.
He's talking about people without authenticators.
Also, there are ways to attack even with an authenticator.
Duxxy3
Member
Same. Very glad that i refused to buy it because of the always online portion.
Gentleman Jack
Member
If you know about the authenticator and choose not to use it you are willingly undertaking a risk of losing control of your account and watching it get irretrievably banned. You may not like it but that's the reality. You can try again with customer service and say your account was stolen and that you were not the actor behind the TOS violations, but please abandon this 'blizz banned me because I didn't play their games' tack, it is a non-starter.
Vane_MagicCity
Banned
You know, it's a single player game, it should have been offline. Another thing, it really bothers me that they give vague answers after they've stolen $60 from you. That's like the ultimate middle finger.
Blizzard: "Yeah, we banned you. Stole $60 from you and gave you a vague explanation. Whatcha gonna do bitch!"
Pathetic.
Blizzard: "Yeah, we banned you. Stole $60 from you and gave you a vague explanation. Whatcha gonna do bitch!"
Pathetic.
... and lose access to any other games on your battle.net account.
Charge back on them too if blizzard steal them too.
cpp_is_king
Member
Sigh, go back and read the post i responded to. He asked how accounts WITHOUT authenticators are getting hacked
Gentleman Jack
Member
This is terrible advice.
Open another ticket, articulate that you suspect your account was stolen and used for activities against the TOS and that you'd like your access to it restored. If you opened a ticket with 'hey what happened to my account?' the only answer you're going to get is 'we closed it because it was botting/hacking its way through Diablo III.'
Tailor your support tickets around the specific problem you think you're having and you'll get better service.
Lostconfused
Member
To be honest if I don't get this resolved I'd rather just not play any more of their games.
Edit: As for the ticket, I opened two of them and both got dismissed with a flat refusal to do anything.
i knew i wouldn't be buying this game when people were getting hacked and people echoed that "you need an authenticator", i don't have authenticators for my bank account and stocks and credit cards, but i need one for a game?
Blizzard offers these keychains and makes andriod apps, why? Why isn't whatever the authenticator does just part of the client, built into the game. Or why isn't there a real windows version of the program, it seems like you have to emulate a smartphone?
Blizzard offers these keychains and makes andriod apps, why? Why isn't whatever the authenticator does just part of the client, built into the game. Or why isn't there a real windows version of the program, it seems like you have to emulate a smartphone?
Pinko Marx
Banned
RedNumberFive
Banned
Fourthed.
+1
Seriously this is just ridiculous, this is theft on Blizzards part.
Why am i not surprised there are people in this thread defending Blizzard and blaming the OP?
Two-factor relies on having independent factors--the idea is that even if system A (PC) is compromised, system B (keyfob / iPhone) won't be.
On the other hand, there's no excuse for not having the "if system A (PC) is compromised, system B (email) may not be, so we should at least try" backup that most online services have, or a complete lack of anti-bruteforce methods.
I don't think that there has ever been confirmed reports of that. Rumors mostly, but never proof.
The Blizzard defence force is legendary. Sony, MS, Nintendo fanboys ain't got shit on this bunch. At any given time there is a vehement army of people defending any and all of Blizzard's bullshit. People in this very thread blaming the OP cause his password wasn't secure enough, how dare he have the audacity to not have an authenticator, the victim blaming goes on and on.
Part, and a very fucking LARGE part of the blame goes to Blizzard. They are the purveyors of probably the most coveted virtual goods that exist and the security behind it is fucking woeful.
Battle.net Passwords are case insensitive. You also can't have special characters. This is one of the weakest security systems I've ever personally experienced.
The case insensitive part is a biggy. If your password is DaRReN1201 then typing in darren1201 will successfully authenticate. This makes bruteforcing passwords laughably easy, no case to worry about, no special characters, it's practically an open invitation to hackers, and is probably why account breaches are so ridiculously common, that you are more likely to have been hacked than not.
Part, and a very fucking LARGE part of the blame goes to Blizzard. They are the purveyors of probably the most coveted virtual goods that exist and the security behind it is fucking woeful.
Battle.net Passwords are case insensitive. You also can't have special characters. This is one of the weakest security systems I've ever personally experienced.
The case insensitive part is a biggy. If your password is DaRReN1201 then typing in darren1201 will successfully authenticate. This makes bruteforcing passwords laughably easy, no case to worry about, no special characters, it's practically an open invitation to hackers, and is probably why account breaches are so ridiculously common, that you are more likely to have been hacked than not.
The edit is unacceptable from Blizzard. Try for a third time with, if you haven't already, something along the lines of "I suspect my account was compromised, however I was not alerted to this until I received notice that my account was banned. Since whoever compromised my account appears to have disobeyed the ToS, and not myself, I would like to request that the account be restored and game access returned to me, or a refund given for the $60 of my money that you are now holding."
If that doesn't get you anywhere, tell them you'll report them to whichever organisation or governing body oversees disputes like this (for us, usually Trading Standards, but they deal more with physical goods rather than digital, I think). If they still refuse to do anything, report them to the relevant organisation(s) and escalate it with them.
And if that doesnt work, tell them you'll get your bank involved since they've taken away the product you purchased, for an offence that wasn't committed by you, but kept your money.
Has blizzard ever had a data leak? There seems to be an unusual high amount of hacked accounts. Especially blizzard games.
He's in America. There isn't one.
Bank is iffy--legally it's "within 30 days", some read it as transaction, some read it as defect occurring, and some (mostly local banks or fee-charging credit cards) give you more. But definitely worth a try, though I'd try the retailer first!
SquiddyCracker
Banned
Are you in the EU, OP?
I'm pretty sure some of your consumer rights should cover this (EULAS and TOS means nothing).
I'm pretty sure some of your consumer rights should cover this (EULAS and TOS means nothing).
Maybe if OP had given Blizzard more money and paid them to actually fucking secure his account they wouldn't have robbed him. Shame on him!
There's no consumer protection organisation in America for when products go wrong or companies refuse to co-operate? That's a bit worrying to be honest, there should at least be somewhere to get advice, too many companies think they can do what they want and they're too big to be troubled by any threat of action to rectify the situation.
Freakinchair
Member
Nice inflammatory thread title bro.
I see "Diablo 3 TOS and account bans" - how is that inflammatory?
See my post. There are weak passwords because you literally are not able to have strong ones.
That's exactly why there isn't one.
We have the BBB, which is a voluntary organization of companies which, er, demands a token (4 or 5 digit) fine from repeat offenders on pain of an F grade on their website, and the Federal Trade Commission which only steps in for the most blatant and widespread cases of straight-up fraud. Anything else? You've gotta sue.
And some people wonder why everyone's suing for huge amounts, and come to the conclusion that we need to cap damages!
thetrin
Hail, peons, for I have come as ambassador from the great and bountiful Blueberry Butt Explosion
It sucks that someone hacked uour account, but how can you have both WoW and D3 and still not have an authenticator?
It's a miracle your WoW acct wasn't hacked and emptied 10times over by now.
CambriaRising
Member
I cannot believe people are defending Blizzard in here and condemning the OP.
They fucking robbed the guy. Pure and simple.
They fucking robbed the guy. Pure and simple.
Exactly
Definitely very possible, Blizzard's system is pretty outdated.
Freakinchair
Member
and first post (my bad)
To add some content - every time I've had to contact blizzard support It's always been a great experience. It's possible that the Diablo team is awful but I think the support team covers all of Blizzard games.
Have you ever contacted them regarding an account closure action?
Blizzard could have turned this into a great PR stunt... by sending something like the following:
"Your account has been suspended due to suspicious activity. We are sending an Battle.net authenticator to the address listed on your account at no charge. Once an authenticator has been linked to your account, the suspension will be lifted and you can resume playing."
"Your account has been suspended due to suspicious activity. We are sending an Battle.net authenticator to the address listed on your account at no charge. Once an authenticator has been linked to your account, the suspension will be lifted and you can resume playing."
cpp_is_king
Member
I wouldn't say literally, it's just difficult. You need to use more symbols and numbers, as well as LONG passwords. I'll give you one thing, the fact that battle.net passwords are case-inensitive is a total fucking embarrassment, and they should be ashamed of themselves for this.
According to the post above though special characters aren't allowed. So wouldn't that include commonly used symbols such as exclamation marks and commas?
cpp_is_king
Member
My password definitely has special characters in it, I just checked. I store my password in KeePass and don't even know what it is, so it's ridiculously long and full of random stuff. Keepass estimates that my password has 96 bits of entropy. I lowercased it and then checked and KeePass has me at 83 bits of entropy with an all lowercase password. So that's probably more accurate. Still pretty strong, although a far cry from the 120+ bits of entropy I can get on websites that don't have idiotic restrictions or lowercasing policies.
That being said, the lowercasing rule is the worst example of a company password policy I've ever seen, and I've seen a lot of stupid shit.
Lol there not case sensitive? Wtf year are they stuck in.
Go ahead and try and set your Battle.net password with any of the following !@#$%^&*() or the like, it won't work.
I'm not sure what's happening with cpp's situation though, I am fanatical about having strong passwords and I haven't ever been able to ever change my Battle.net password to anything remotely strong.
I'm not sure what's happening with cpp's situation though, I am fanatical about having strong passwords and I haven't ever been able to ever change my Battle.net password to anything remotely strong.
Lostconfused
Member
Canada. I'll try talking to customer support again tomorrow. I don't want to frustrate my self with this anymore, at least today.
Must be. It honestly wasn't an issue until now.
cpp_is_king
Member
Then there's specific characters that are not allowed or the rule is more complicated in ways which are not immediately obvious. Some special characters work, because my password has quite a few. Not going to get into specifics, but experiment if you want, I have multiple distinct special characters in my password.
ephemeral garbage
Member
The post above is wrong, I have special characters in my password.
Gentleman Jack
Member
Just noticed this, you can definitely have some of these characters in your password.
It's a bigger problem that battle.net only allows a maximum of 16 characters than the exclusion of punctuation.
It should be pretty easy for blizzard to determine with their logs the location of the IP using the account, which is very unlikely to be at your country much less city.
I would highlight to the CSR that their passwords are not FREAKING CASE SENSITIVE or have any maximum login attempts making it pretty easy to brute force the password unless you have an authenticator