Nature of the new/consolidated authenticator - TOTP?

Ailuridae-11242 · December 4, 2023, 12:33am

The old authenticator was based on TOTP, with a few bits that were not commonly used, but within the spec. Mainly using 8 digits instead of the common 6. With a little work, one could extract the info needed, and plug it in to at least some standard TOTP authenticators (things like Authy, Google Authenticator, though not those two specifically).

So for years I have used AndOTP and more recently Aegis Authenticator for BNet auth, just like I use them for every other TOTP 2FA site/app. Wondering if the new setup is also TOTP based so will be able to re-register it and keep using my standard TOTP app. I hope so, as I have never had the Blizzard authenticator app, nor the blizzard mobile app on my phone and don’t plan to start now. Would hate to loose my 2fa…

Though, I suppose with D4 being terrible and OW2 circling the drain, my Blizzard account getting stolen is sounding less bad than in the past…

Kalidarn-1132 · December 6, 2023, 1:00pm

It is still possible. The API endpoint has changed so the previous tool to extract the secret will need to be updated. github .com/beemdevelopment/Aegis/issues/1239

Ailuridae-11242 · December 14, 2023, 1:27am

Thank you, github .com/jleclanche/python-bna/issues/38#issuecomment-1746656464 instructions worked perfectly

(also not clear if I actually needed to redo the authenticator, it is possible the existing setup would have kept working without issue. But good to test out that it works, and if it did need regenerated, well, it has been)