Please switch to standard TOTP

Blizzard, I don’t want yet another app on my phone. Please consider switching to industry standard OTP. I’d much rather use Google authenticator.

4 Likes

Absolutely, their app was broken by an update like 2 years ago for me so I was forced to removed it. Also remove the number requirement bc like this even if I could I can’t add 2FA back now I can’t, ain’t falling for that scam, it’s insecure and privacy invasive and makes 0 technical sense to require for TOTP.

Thank you tyl0413 for pointing out I need to be specific about OTP.

I want TOTP. I want to use Google Authenticator, Microsoft Authenticator, OnePassword Authenticator, or any one of the numerous other Authenticators that all use TOTP.

Now tyl0413, I struggle to comprehend what you wrote. I think you’re saying that even TOTP should not be done. I disagree here. This added layer of security makes it so if someone gets your password they still won’t be able to access the account.
TOTP is not an invasion of privacy. Blizzard would generate the random security key and this random number has nothing to do with the user’s personal data.

I very clearly wrote that the phone number requirement needs to be removed to use TOTP (or even just the current proprietary authenticatior). I want to use TOTP which is much superior to SMS 2FA which is basically useless for security and for most is a highly identifiable piece of information.
Blizzard and every other one of these trash companies for that matter need to stop with their personal information harvest.
They’re never getting a number (or a real one at the very least) out of me and locking account security even with their proprietary TOTP implementation behind it is completely unacceptable. Just like they’re locking the “free to play” Overwatch 2 behind an expensive mobile contract.
Also funny how none of my online accounts were ever hacked but I have almost lost my Battle.net to Blizzard’s sh!tty broken proprietary 2FA app which just further shows that it’s better to go without 2FA of any kind until Blizzard gets their head out of their a55 and gives us real TOTP without any arbitrary restrictions.

i’m in the same dilema.

i won’t enter my phone number, because there is no sane reason to do so.

i have a good and working authenticator app that i use for 30+ logins now. from amazon, discord, microsoft, square enix and so on. none of those services forced me to install their proprietary authenticator app, some recommended, but did not enforce!
also the app is fully encrypted with password and/or biometrics needed to open it.

to recover a account i’m always given recovery/emergency codes i stored at my password storage tool. no need for a phone number to recover a fatal loss.

not so blizzard. they not only force their own crappy app on you, they also enforce a phone number.

so right now i don’t have 2fa enabled, reducing security. nice job blizzard.

p.s. i also have multible yubikeys, in case hardware would be a better solution.