2FA/Wallet Integration
-
Bounty Details:
To collect this bounty, we require an open source
Bounty Address:
BTC: ?
FTC: ?
UFO: ?
PXC: ?ORB: ?
Current Bounty:
? btc
? ftc
? ufo
? pxc
? orbResources:
-
please bare with me as I put these threads together…
-
What is 2FA/Wallet Integration ?
If we upgrade wallet to 0.9.X bitcoin core, can impliment it ?
-
The requirement for a second stage of authentication when moving funds rather than just a password. So you’d enter your password and then be required to enter a time code or similar from a device only you possess. The simple solution could be a printed grid, where you have to enter characters from row 13 col 12 or something more complicated like Google Authenticator, Authy or YubiKey
-
Even just an email sent to the stored account so they would have to hack your email and your wallet?
-
I wouldn’t consider that enough, if your system has been compromised you have to presume that e-mail too has been compromised. The purpose of 2FA is to verify that you are the person by proving that you have access to something physical that has been previously registered with you. If it’s a piece of hardware, then there’s the risk that people won’t enable 2FA if there is a cost involved. More people would have access to something like google authenticator or authy on their mobiles, but I still think a simple ‘paper’ solution might be a nice backup. I mean, what happens if you lose your phone and get locked out of your wallet. Double whammy of loss. So it’s clear that we need to be responsible in it’s implementation.
-
Wouldn’t paper not work? Isn’t the idea that the code needs to be dynamic?
Otherwise if it was paper then it’s just a simple code that could be brute forced in time? Would that give equal to or greater strength to say google auth?
I once had a hardware dongle from my bank which actively changed… Is it possible that there’s an open source solution we could modify?
-
Last pass uses it as an option. You’d be asked for characters of say 7A, 9L and 1Y.
Maybe just as a recovery option?
-
Hey that’s cool…