And I got hacked.
Let me preface this by saying I do not use an authenticator, but I shouldn't need to.
I have a randomly generated password that is 17 characters long, that cannot be bruteforced. I run all the games I play in an isolated VMWare environment on my standalone "Gaming" computer which does not even even have an internet browser installed. Each game I play has its own specialized password and every week I generate a new password for each game account.
On top of that, in this extremely controlled environment I have (which I use for my purposes of my job when I remain at home), my network is controlled by a 2975 Cisco Catalyst Series Layer 2 switch. Every port except the one's needed for the specific game are opened and closed at launch time of that respected game. For example Diablo III will open up ports 6112-6119 when I launch the game. All other requests of any nature on any port or attempted on any port are logged and analyzed. Naturally, no intrusions have been detected. I might as well mention for my weekly password changes I spin off an RHEL EC2 instance on AWS and make all my changes with CURL requests that are encrypted with a 128bit RC4 cypher.
The only way I could possibly ever get hacked is if your servers have a vulnerability. Please don't tell me I need an authenticator.