Bitcoin Forum

Hello.

I use Electrum at the most basic level and as far as I understand it does not have a 2FA feature and this makes me sad. It's just that my electrum is installed on two laptops at once, one of which is located in another city (my sister, who in turn lives in a hostel). And this means that from time to time she has to leave her laptop unattended. In those moments when I have several hundred dollars in my wallet, this does not bother me, but when it comes to a larger amount, I would like to be sure that my coins are safe.

Question: If a worthy replacement for Electrum but with 2FA?

Electrum does have the 2FA feature[1] but it comes with a price[2].

Why not just buy a hardware wallet though? It's definitely worth the price if you're planning to store large amounts of money.

[1] https://electrum.readthedocs.io/en/latest/2fa.html
[2] https://api.trustedcoin.com/#/faq#fees

You can create a multisig wallet (2 of 2 Multi-Signature address) so that your coins can be sent if the message is signed by both devices (both devices click on sent button or two cosigners need to sign a transaction ) read more about it here https://electrum.readthedocs.io/en/latest/multisig.html (https://electrum.readthedocs.io/en/latest/multisig.html)

The multi-signature wallet is a higher level so I advise you to read more about it and watch some videos before doing it.
watch this https://www.youtube.com/watch?v=cAP2u6w_1-k (https://www.youtube.com/watch?v=cAP2u6w_1-k)


You should know, as the wallet is connected to the Internet, wallet seeds are created in an offline environment, the more secure your coins are, so it is unwise to have the same private key present in more than one online device.

Is there any specific reason you have the same wallet in two different devices? If you answer this question, someone may be able to give you a solution better than 2FA.

With electrum's 2FA, as mentioned by OmegaStarScream, you will be charged an extra fee and it may not be a good solution for you.
And if you want to use a wallet other than electrum with 2FA feature, then you will have to give full control of your fund to a third party.

Why does your sister have access to your wallet too? This seems like a highly unnecessary security risk. The best option here is for you both to create your own wallets, and you can send coins to each other as required.

The alternate option is to set up the same 2FA wallet on both computers and move your coins to it. You will need to share the 2FA set up code with your sister if you also want her to be able to spend coins from the wallet without having to ask you for the 6 digit 2FA code every time.

The other alternate option is to set up a 2-of-2 multi-sig wallet between you and your sister, so you can only spend coins from the wallet when you both agree to it.

2FA is most probably not going to provide you any security if your concern is if another person has access to your wallet and keys and she leaves it open and accessible to many others who could possibly access it too! They could easily access your 2FA too and render it useless.
What you need to do is to cut off that access first and if you want to share your coins with someone else then use a multi-signature scheme between the two of you.

With what I understood from what you posted is that you have a wallet on your device and your sister device as well, having hundreds of dollars makes you still felt secure before, but now having thousands of dollars makes your to feel insecure about it. You trust your sister and you still want her to have access to your wallet just like before.

Then, why need a 2fa wallet? Or you have another device and your sister have another device, or both of you have hardware 2fa device for you to setup the 2fa? If you want to have the 2fa app on the devices both of you are using to access the wallet, then the wallet is not more than secure and safe just as the one you setup before because who will access any of the two device (your device or your sister device) can be able to access both the wallet and the 2fa app. Then no additional security.

Using 2fa setup on electrum, your wallet generates three keys, two are with you and one with TrsutedCoin, making it a unique 2-of-3 multisig setup. But anytime you want to spend, there are additional fee charged by TrsutedCoin for using it. You can read about it OmegaStarScream's post above.

What I can only recommend you is to read about how to create a multisig wallet on Electrum (https://bitcoinelectrum.com/creating-a-multisig-wallet/#:~:text=A%20multisig%20wallet%20is%20one,the%20funds%20in%20the%20wallet.) and understand it perfectly, it is the best choice for you. You can create 2-of-2 multisig wallet, warning your sister how losing the seed phrase will lead to loss of fund. But if it is me, I will prefer to create 2-of-3 multisig wallet, 2 out of the 3 will be generated on my device, I will write down the seed phrase of both down and have the backups in different location and delete one of the wallet on the Electrum app on my device, leaving only one for myself and using it for making transaction. But let your sister know about this to let her have the full knowledge about how multisig wallet works.

The first question is: does your sister also have to have daily access to all those funds? My guess would be that she doesn't, hence all you have to give her is a backup of the seed (offline). You two can also agree on a set of custom words she doesn't have to write down. I advise you keep one more copy of seed somewhere in the house and also keep your custom word(s) somewhere else.

If she has to spend too, maybe you buy for both of you hardware wallets and you use your HW seed also on her HW (just she will have to keep her HW at herself every time, since HW can be hacked into if one has physical access to it; at least it can be much smaller than a laptop).

Or just set up a different wallet for you, leaving her with smaller amount of coins.

Or, yes, Electrum's 2FA, just pay attention at the fees.

However, keep in mind that whatever you do you need proper offline backup for the seed.

Not a good idea to use any kind of "custom words" when it comes to security critical actions. A better approach would be to use 2of3 multisig where OP's sister owns one key (as you suggested in a hardware wallet would be ideal) and OP has 2 keys (one is stored in the "hot" wallet and the other in cold wallet, maybe only existing on paper). That way the sister can not lose any coins and at the same time OP can still recover the funds if the sister lost the words.

His sister wouldn't be able to lose the coins or have them stolen with this setup, but she also wouldn't be able to spend anything without the brother's permission (aka signature). That might turn out to become bothersome if she has to contact him each time she wants to spend from the wallet. He has to stop doing whatever he is doing at the moment to sign the transaction.

---

OP, I see no reason why the same seed should be replicated across two different laptops. A mistake caused by either side results in the loss of all coins. If you want your sister to have access to some Bitcoin, fine. Have her create her own wallet and send her her fair share. Transaction fees are cheap and 1 sat/vByte is all that is required most of the time. If she messes up, or you mess up, only a part of the coins would get stolen. That isn't the case with your current setup.    

There is no way around this with a single wallet. Either she can spend the coins without any input from him in which case the coins are vulnerable to being stolen from her, or the coins cannot be stolen from her in which case she needs his input to approve or co-sign every transaction. The only somewhat workaround to this would be for them to both use the same Electrum 2FA wallet with them both having the relevant 2FA code on their respective phones.

OP needs to decide exactly what use case he wants, but two separate wallets is probably going to be the best option.

As others have mentioned, there is a third-party 2FA provider that works with Electrum.  But, I don't recommend it.  In my opinion adding a third party goes against one of the most critical advantages that bitcoin offers.  There's another reason not to use Electrum with 2FA; it's kind of expensive.  TrustedCoin 2FA costs 0.002BTC for every 20 transactions.  At bitcoin's current value that's more than the price of a secure, open-source hardware wallet.

My recommendations:

If your sister does not have or need access to your funds, but you don't want to travel with your laptop: Buy a hardware wallet and use it to process transactions from either location.

If your sister needs access to the funds, then there are a couple of solutions you can employ:

1. Create a multi-sig wallet that requires signatures from both of you to spend the funds.  This is the most affordable solution, although it may not be the most convenient.

2. Create a separate wallet for your sister, and pre-fund her wallet as needed.  This is a very affordable solution despite having to pay extra transaction fees.  Transaction fees can get crazy from time to time, but most of the time they are very low, and it'll take an enormous number of transactions to spend 0.002BTC on fees.

3. The other solution is to buy two hardware wallets, one for you and another for your sister and set them up with the same wallet.  This is a relatively expensive solution, but a very secure one.

The two current payment options are:

• 0.0005 BTC for 20 transactions (2500 sats per transaction)
• 0.00125 BTC for 100 transactions (1250 sats per transaction)

TrustedCoin periodically adjust their prices depending on the fiat value of bitcoin. So you are still paying an extra $1/$0.50 per transaction at current prices, but not quite as bad as you say. I still don't recommend it, though.

Thanks for the correction.  Yeah, that's much more affordable than I thought, but I also think there are better solutions.