this is mainly intended for the support guys which can hopefully pass this upstream, i put a few hours work into fixing this myself because apparently noone on your end is able to to this (yes, i am pissed about that).
Nonetheless, here is what i did:
I used procmon (available from microsoft, formerly sysinternals) to trace which external resources have been accessed by d3 around the time the login failed.
first i thought it was related to bnet cache permissions, because apparently the required files where missing and i saw no reason why the client wouldn't just download them. That is in no way related to the problem i was having.
The real culprit is RSA key info, in my case stored at C:\Users\cmd\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-883593656-3793929378-1921406212-1000\9955f8d098296c8b4f3ff78dd91303ad_96e7f339-0ad2-43ef-86a9-7b3dffb0f7e2
After deleting that file, my login process was working as expected, no issues anymore.
I'd expect that filename to vary and if it does then this won't do much good for people who aren't able to use procmon, but i hope this somehow makes it up to the d3 dev team because it is GAME BREAKING and you guys didn't do anything about it, creating a new user account IS NOT A FIX, it is an insult to a paying customer.