Quote Originally Posted by Gomotron View Post
To manually remove the authenticator from an account from the Battle.net site, you do not need to have the serial number to the authenticator.

However, you do need to input 2 consecutive authenticator keys. That protection makes this type of attack nearly impossible to carry out. Not impossible, just nearly so.

In order to remove the authenticator from a Battle.net account when you no longer have access to the authenticator is a bit more problematic. I have had 2 iPhones crap out taking the authenticator program with it, and since the authenticator program uses the serial number of the phone itself as a portion of the key generation algorithm, this means that a restore to a new iPhone does not result in the correct key being produced. I have had to fax in a form to Blizzard with specific account information and also a photocopy of my government issued ID card (for me a driver's license) and they then removed the authenticator from the account.

Just FYI.
This is why i use a hardware authenticator instead of an iPhone app.