It appears that my Battle.net password is being stored on my PC. Surely this is a big security risk, because if a hacker gained access to my PC they could also gain access to my password and thus change it and lock me out of my own account. It seems a better solution would be to store a session key on my PC, because if an attacker did access my PC and get the session key, they wouldn’t then be able to change my password and lock me out. Please refer this security concern to the IT department or the dedicated IT security staff if Blizzard has that function. Thank you for reading.
Do you have any proof of the password being stored in some format on the PC?
I did a quick plain-text search in 2 common Battle.net folders and did not find a password on a quick search. Even if they stored a session token, the attack mentioned would not change, as an attacker with access to the file system could steal that token as well. Instead, you are asking for some kind of TPM validation.
If an attacker was able to get the password, they would still need to get past 2FA as well as password recovery email and/or SMS.