‹ back home

Using FreeOTP with Battle.net

2016-11-23 #battle.net #security

Some battlet.net users have requested, over and over to use other apps as a battle.net 2FA. These include FreeOTP, Authy, and possible others (Google Authenticator, AFAIK, cannot be used since it lacks the ability to configure the amount of digits).

After some searching the web, I found out all the pieces of the puzzle are out there, but nobody built it entirely, so here goes!

First of all, install bna using pip. AFAIK, python and pip should be part of the base OS in just about any OS/distro except windows. On windows, you’ll have to download and install python (the latest version is fine).:

pip install bna

Then, generate a new authenticator:

$ bna --new
Success. Your new serial is: US-1611-2467-4116 06184679

Visit the authenticator page at battle.net, and like the new authenticator using the provided serial. Obviously, don’t copy the above, but the output of your own.

Now to link that to your phone! You can get all the information via the CLI:

$ bna --otpauth-url
otpauth://totp/Battle.net:US161124674088:?secret=KMN3RTIFHLNDEMIHDIVXVGXK2GB33VW5&issuer=Battle.net&digits=8

In the above example:

If you’ve qrencode installed, you can also run:

bna --otpauth-url | qrencode -o ~/BNA-qrcode.png

Which will generate a QR code which you can scan in your home. I tried to scan it, but FreeOTP didn’t generate anything for me. Not sure if it’s a glitch or what.

That it! Just a reminder, keep your secret and serial numbers secret anyone who has access to these can basically spoof your 2FA codes!

— § —