Over a million developers have joined DZone.

A tale about always-on DRM and web security

DZone's Guide to

A tale about always-on DRM and web security

· Web Dev Zone ·
Free Resource

Jumpstart your Angular applications with Indigo.Design, a unified platform for visual design, UX prototyping, code generation, and app development.


Diablo characters (I'm the guy with the shield)

Two days ago I was at a friend’s place and wanted to show her what Diablo 3 looks like. She shows me minecraft, I show her Diablo. Everyone’s happy.

But nope.

I run Diablo, I mash in my password because of course you have to log in to play a game with yourself. What could possibly be more natural … but okay, maybe I don’t want my cat to mess with my characters and Blizzard doesn’t want me stealing their game. Fair enough.

“Oh hai thar! We noticed some suspicious activity on your account so we decided you have to verify you’re you via Battle.net. Here’s a link to get you going”

Really? All I did was try to login from a different IP. I’m at a friend’s place damn it, this is a laptop, what if I wanted to play in a coffee shop or on a plane or a pterodactyl?

Sigh, fine … I click the link expecting I’ll just have to login on Battle.net so they can confirm I also know how to login with a browser and supposedly am not hacking.

Tap tap tap.

“So, you want to give us some digits of a physical copy of a game even though the only game associated with your account is a digital-only copy of Diablo? Or do you want to try answering your secret question?”

Well crap, this isn’t just about logging in. I have just been forced to reset my password via a security question just because I tried to play a game at a friend’s place!

I try once. I try twice. I try three times. Nothing.

This can happen when you choose random security questions and don’t always answer truthfully because, you know, social engineering. Usually I just mash my hand over the keyboard.

“You have made too many attempts! Your account is now locked! Contact support.”

Oh okay! Right. I’m using the wrong account! I used swizec@swizec.com for the Diablo3 beta, then was unable to recover it when I wanted the full game. The real account is swizec+battle@swizec.com

Let’s try again.

A few attempts later … OH! The security question is different on this account. Fuck me.

Yay, I’m in!

After two round-trips via email, countless attempts at answering the security question, numerous fiddles with the password to get them all matching and fitting the security rules I am finally in.

That’s it. No Hey thanks, no, You can go game now, just a cold account dashboard.

Close tab. Run game. Log in.

“Your password is incorrect”

Oh for fuck’s sake! I mistyped my password … twice … consistently enough that they matched.

Diablo massacre

Diablo massacre

Sigh, now how do I change my password?

“Okay, just give us your old password and you can change it”

But I don’t know the old password!

Log out. Reset password. “You have made too many attempts! Your account is locked! Contact support.

Oh fuck me. Fine. I will contact support because this is getting silly and I am fed up with you mr. Battle.net!

Clicky clicky through tens of questions trying to divert me from contacting a real person and making me solve my own problems. I battle it through like a champ and finally reach three options: Submit ticket, live chat, phone call.

Live chat and phone call are currently offline. Well okay, it is midnight and you are the European Blizzard support people so you’re probably sleeping. Fine.

I click Submit ticket.

“Please login to your Battle.net account to submit tickets”


I threw the computer out the window and cried myself to sleep.

Ok, in reality I carefully put the computer away after slamming it shut ever so gently, it’s new you know, and watched a movie or something with my friend. Screw Diablo.

Next day I got home and unlocked my account without a fuss. No hint of too many attempts, no complaints about suspicious activity. Nothing. Just worked.

I’m confused. Yesterday my account was hacked and Terrible Things ™ were going on, today everything is fine and you don’t even warn me that a crazy amount of stupid was happening last night? Right …

Take a look at an Indigo.Design sample application to learn more about how apps are created with design to code software.


Published at DZone with permission of

Opinions expressed by DZone contributors are their own.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}