I really don't understand why wallets have no two-factor authentication!
So many people would still have their coins.
This should be the number one priority for the dev-team.
What do you guys think?
And how will this be done? Who will hold the second key?
It would work as follows:
1.5 factor authentication
Implement a normal Google Authenticator or Authy code into the wallet below your wallet password when you want to do a payment. The Google Authenticator or Authy app exists on your mobile phone. To set it up, the wallet needs to display a QR code or manual code during first setup that becomes the secret key between the wallet and your mobile phone. The wallet then just needs to calculate the code based on the secret and the algorithm, just like it works on the exchanges. The secret key between your wallet QR code and the mobile phone becomes the 2nd key, of which the derivative, the changing code, is entered into the wallet at payment time. However, the secret key also exists in the wallet and therefore could become available to the hacker as well, in a similar way to the wallet private key.
2 factor authentication
True 2FA is when the code or response is not entered into the same channel as the password, but is sent via a separate channel (out of band). For this to work there needs to be a backend server, but since the crypto-currency principle is based on p2p there is no backend server that can match a challenge-response to your wallet payment request. It is however possible to implement true 2FA on the exchanges because currently they all implement just 1.5FA.
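The "1.5 factor" scheme described in the post above, as an added example that is not part of the thread or of any wallet's code: a standard RFC 6238 TOTP check in which the wallet stores the shared secret, so any copy of that secret yields codes the wallet accepts. The function names, the label and issuer strings, and the use of the RFC 6238 test secret are assumptions made for illustration.

```python
import base64, hashlib, hmac, struct
from urllib.parse import quote

def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the 8-byte counter, dynamically truncated."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def totp(secret: bytes, at: float, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP: HOTP with counter = Unix time // step."""
    return hotp(secret, int(at) // step, digits)

def provisioning_uri(secret: bytes, label: str, issuer: str) -> str:
    """Text the wallet would encode in the setup QR code (otpauth key-URI format)."""
    b32 = base64.b32encode(secret).decode().rstrip("=")
    return (f"otpauth://totp/{quote(issuer)}:{quote(label)}"
            f"?secret={b32}&issuer={quote(issuer)}")

def wallet_verify(stored_secret: bytes, submitted: str, at: float,
                  step: int = 30, window: int = 1) -> bool:
    """Wallet-side check: accept codes within +/- `window` steps (clock drift)."""
    now = int(at) // step
    ok = False
    for counter in range(max(0, now - window), now + window + 1):
        # Constant-time comparison; every candidate is checked, no early exit.
        ok |= hmac.compare_digest(hotp(stored_secret, counter), submitted)
    return ok

# Constructed sample data: the RFC 6238 test secret, not a real wallet secret.
SECRET = b"12345678901234567890"

if __name__ == "__main__":
    t = 59  # fixed Unix time so the run is reproducible
    print(provisioning_uri(SECRET, "my-wallet", "ExampleWallet"))
    phone_code = totp(SECRET, t)
    print("phone shows:", phone_code,
          "accepted:", wallet_verify(SECRET, phone_code, t))
    # The wallet keeps the same secret on disk, so a copy of the wallet data
    # computes the same code without the phone: the weakness the post calls 1.5FA.
    copied = bytes(SECRET)
    print("code from copied secret:", totp(copied, t),
          "accepted:", wallet_verify(SECRET, totp(copied, t), t))
```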