Mobile Authenticator users should be on the lookout for an update to the mobile app. Its not clear whether Blizzard has any plans to deal with compromised data for dial-in authentication users.
Enable Two-Factor Authentication (Eventually)
Yes, potentially damaging information was stolen for Blizzards two-factor authentication system, but in the long run its still more secure to use a two-factor log-in system. By using two-factor authentication you are creating one more hurdle for hackers to get past, and most of the time this will make it much harder to compromise your account. But users might be wise to wait to enable this feature until Blizzard releases its software update.
Blizzard offers Battle.net users two-factor authentication through a $6.50 keychain attachment that supplies a log-in code or the Mobile Authenticator app. You can buy the physical authenticator directly from Blizzard. Battle.net Mobile Authenticator is available for iOS, Android, Windows Phone 7, and BlackBerry.
Consider SMS Protect
Blizzard offers another security option called SMS Protect that will send a text to your mobile phone if suspicious account activity is detected or any significant changes are made such as password changes. You can also use SMS Protect to unlock your Battle.net account, remove an authenticator, recover your account name, and reset your password.
Review Your E-Mail Security
The recent hack that tore apart the digital life of Wired reporter Mat Honan reminds us that compromised accounts can often snowball across connected services. So you should review the security surrounding the e-mail address for your Battle.net account.
First, you should make sure the password for your e-mail address isnt the same as your Battle.net password. If it is, you should change it immediately. For password creation tips check out Password Management: Idiot-Proof Tips and Google Offers Advice on Secure Passwords. A password manager such as KeePass, LastPass, or 1Password can also save you if you forget your new e-mail password.
Second, you should check to see that your e-mail accounts recovery options are up to date, including any security questions and alternate e-mail addresses. Honan lost control of his digital life after hackers were able to access the back-up e-mail address for his Gmail account. Hackers already know the e-mail address connected to your Battle.net account, so be wary of attempts to break into your e-mail via account recovery options.
Finally, if your e-mail provider offers it, you should also enable two-factor authentication for added protection.
Watch Out For Phishing E-mail
Blizzard is advising its users to watch out for e-mail purporting to come from Blizzard in an attempt to steal your account credentials. Blizzard says it will never ask for your password or log-in information via e-mail.
Sign up for CIO Asia eNewsletters.