I never registered any accounts, makes it easier for someone to snag it, all they gotta do is find out your email then you're screwed
so let's go over this exploit,
alice and bob
alice's email is alice@gmail.com
bob's is bob@gmail.com
alice asks bob for his email so he can "steal" an account
attempts a password reset on bob@useast but can't access bob@gmail.com so the account is never stolen unless bob's email itself is compromised.
---------------
you ask blizzard for a password reset saying you can't login
bliz asks you for the linked email to send a 2fa to reset the pass. the email provided must match email on record. if no email on record the account is gone and the bliz rep can't reset the pass, it will be left to expire. you must supply the correct email and have access.
(you don't have access to email, you are locked out)
you never get the 2fa token
account is never stolen
--------------------------
is bob's email compromised? nope
I don't see the exploit please help

are you talking about social engineering bob with a session hijack or using a rat? then yes that is very easy to pull off and meet the requirements to access the account but this is not normal security conditions. this also assumes bob falls for the malware exploit to compromise the email to access the d2 account.
what am I missing? have you tried and it actually worked? I assume not and you are just repeating what you heard without testing.