Thank you for such explaining answer.

I still don't understand the difference. I can start WoW via launcher without entering any password - and everybody does this. So Blizzard thinks this is ok and secure. Why starting WoW from command line is insecure?!

I expect that "-launcherlogin" parameter does exactly what you told in point 4 - asks for token from launcher. Moveover, it looks like it really does this - since client is trying to login. The problem is that login is failed for unknown reason. And unfortunately, it looks like that Blizzard aren't going to fix it.