Below are some steps that you can use to protect your World of Warcraft account from being hacked:
- Make sure Windows has all the latest security updates installed. This can be done through Windows Update.
- Make sure Adobe Reader, Adobe Flash, Adobe Shockwave, and Sun Java are all using the latest versions. These programs are known to be exploited by sites so that Trojans and other malware are installed on to your computer without your permission. Some of these malware may be WoW keyloggers and password-stealers. A great program to use for scanning for outdated and insecure programs is Secunia PSI. A tutorial on how to use this program can be found here: How to detect vulnerable and out-dated programs using Secunia Personal Software Inspector.
- Purchase a Battle.net Authenticator from Blizzard. These devices come in two versions, a United States and a Canada, Australia, New Zealand and Latin America version, for $6.50 USD. These devices are connected to your Battle.net account and make it so your account cannot be hacked. It protects your account by requiring you to enter a unique one-time use password that is used in addition to your normal password every time you login to Battle.net. This unique password is displayed on the authenticator. There are no shipping fees for these devices.
If you have a iPhone, iTouch, or iPad you can download and install a free Battle.net Mobile Authenticator. More information about this application can be found here.
- Use strong passwords for your account! Hackers can use brute force tools to try and crack World of Warcraft accounts. These brute force applications will try a constant stream of different username and password combinations until a match is found. When one is found it will save it to a log file that the hacker can then use later to login to the hacked account. As many people use weak passwords (first names, easy number/character sequences, common dictionary words) it is possible to hack many accounts in a short amount of time. Therefore, when creating a password for WoW, please use the following guidelines:
- Do not use words that can be found in a dictionary. Even words that are reversed.
- Do not use your first name or last name as a password.
- Do not use your account name as your password.
- Do not use common keyboard sequences such as QWERTYT, ASDASD, 1234, etc.
- Do not use the same password on WoW as you do on forums, email, banking, etc.
- Always have at least 1 upper-case letter in your password.
- Always have at least 1 number in your password.
- Always have at least 1 symbol (%,$,&,$,!, etc) in your password.
- Make your passwords at least 6 characters. The longer the better. The more characters the harder it will be for brute-force programs to crack your password.
- Install an anti-virus program to protect yourself from keyloggers and other password-stealing programs. Also perform occassional scans with Anti-virus and Anti-malware scanners. Good scanners to use periodically are Malwarebytes' Anti-Malware, SuperAntiSpyware, Kaspersky Online Scanner (only scans, does not remove), and ESet Online Scanner. Make sure you update the definitions of any locally installed programs before scanning with them!
- Do not give your account login credentials to anyone else, including family members and especially gold farming and leveling services. Gold Farming and Leveling companies are third-party and you have no idea who they are. If you want a secure account, then you should not let any third party have your login information, especially considering that you do not know how that information is protected.
- Be careful what links you click on in forums related to World of Warcraft. It is not uncommon for unethical users to post links to sites and downloads that install keyloggers or other programs that can steal your account credentials.
- Be careful in regards to what add-ons you install for WoW. Use only reputable add-on sites such as Curse.com, WowAce, or Wow Interface. Also note that according WoW's UI add-on policy, any add-ons must include the source of the program. If you download an add-on, and it does not contain the source, then be wary of it.