Yeah, Thanks a lot Microsoft! I've been using the online gaming alias XBones (Short for crossbones) since playing Asheron's Call 1. Heck even my GameSpot account is XBones as well as many other accounts and email.
Thanks for associating my alias with your controversial POS system.
Keyloggers, phishing, bruteforce PW hacks, all could be the way people are losing their accounts, and it truthfully doesnt matter, because of these things:
1. Blizzard forces you to set your login username as your email address. BAD idea, thousands of people have your email address. Not letting you pick a Username to login with makes all this hacking possible. You can probably get a persons login username from the forums even, through the profile. This is ABSOLUTELY the number 1 reason it is so easy to get into a persons account.
2. Non-case sensitive passwords. Enter yours in with all caps or none, and you get in just as easily, making it easier to brute force-guess the password.
3. No regional IP detection during login
4. No max attempts/kick at password entry.
5. Oh yeah, they are forcing you to play a single player game online so they can make money on a RMAH. Blizzard should be taking steps to remedy THESE problems, and they arent.
This is a security travesty, and more and more people will lose their stuff and quit. One good thing may come of this, people making future games might look at this trainwreck and learn something.
XBones' comments