Originally Posted by
~Unknown~
This is probably the only solution that could keep the account actually safe from logging in at will. However I guess if they were clever enough they could log into the battle.net account and take the authenticator off with just 2 codes in succession unless you restricted the automated part to like once a time period (one that restricts two codes to remove it).
The injected solution would only work well if you know the people using the accounts will have zero knowledge of how to retrieve the encoded account information and won't find someone who could.
All this being said, you could use both solutions, but nothing is really foolproof. I mean they have access to the account so why does it matter too much if they have the real info as well?