Players of the massively multiplayer online role-playing game (MMORPG) World of Warcraft can now use two-factor authentication similar to what many banks and investment firms have adopted, developer Blizzard announced last week.

The Blizzard Authenticator, a key fob with a button and small liquid-crystal display, generates a six-digit number every thirty seconds and will display the code when the user presses the button. Once the authenticator is registered to an account, using a unique serial number on the back of the device, a player will have to enter their password and the six-digit code to access their account.

"It's important to us that World of Warcraft offers a safe and enjoyable game environment," Mike Morhaime, CEO and cofounder of Blizzard Entertainment, said in a statement announcing the additional security measure. "One aspect of that is helping players avoid account compromise, so we're pleased to make this additional layer of security available to them."

The news comes a week after Microsoft found an enormous number of PCs infected with Trojan horse programs designed to steal online-game credentials. Online game accounts have been increasingly valuable in the underground economy, especially in the Asia Pacific region.

A number of banks, such as E*TRADE, as well as online payment service PayPal have adopted such physical tokens as a way increasing the security of their services. Such security is not unhackable, but it forces attackers to piggyback on a victim's banking session in real time, limiting the attack window. Moreover, such attacks may not work in an online game such as World of Warcraft.

The authenticator can be bought from the Blizzard Store for $6.50.

If you have tips or insights on this topic, please contact SecurityFocus.