I would also like the ability to opt out. I want it to ask every time. I don't mind the minor inconvenience and don't want to lower my security level. I am just worried that this will give the hackers out there a new way to get into accounts that have authenticators on them.
I try to be as careful as I can while surfing and have up to date antivirus / antimalware software. I use Firefox with noscript, adblock, and flashblock. But I still know that day zero exploits could potentially compromise my systems so I like having the authenticator always there as another layer of security. I just wish I could protect my email with one also.
My understanding is the Idea behind this, is immediately when your account is flagged to login from i'm assuming a different IP/Physical Location the Authenticator window pops up, But if you login from the same location/ip frequently/always, then it skips that process.
This is under the assumption it works full proof, I'm sure if someone finds a way around it blizzard will either be a step ahead, or change it back to normal.