Originally Posted by
Jarlathe
You can go into the settings and goto the restore option to get the serial number of your authenticator. Once you have that, you can restore the authenticator on any device that supports (iOs, Android, emulator) it and generate the correct number. This is what I did when I went from my iPhone to my Android. Now, where I would have an issue (abit a small one) with the OP's method, is I'm pretty sure that you can get that serial number in the emulator, so if you have a keylogger, what's to say it doesn't scan your computer to check for that and grab the serial number?
See my blurb above, they don't need the code that is generated, they only need the serial number that's tied to your account and they can come back at there leisure. This is also like a man in the middle attack.
I guess you've never heard of, or seen a flash exploit or a java exploit? I guess you go and check each site daily to see if there are updates? I also assume you hang around, or are a member of an elite hacking group that has access to the latest vulnerabilities that they've found in these two programs? Both Flash and Java are known to be major security holes in the windows OS, back in the day, this is how the majority of these keyloggers were getting installed. Person goes to a legit website (MMO-C, Curse, Wowhead ect.) and gets an add displayed. BANG, you are now infected with a keylogger and your account is stripped.
Granted, the sites I gave as an example have become more involved in what adds are getting displayed, but sadly, alot of legit gaming sites still don't give a shit what the add company is serving.
You may think you're 100% secure, but you really aren't. Anyone that thinks a computer can be 100% secure on the internet is an idiot.