Electrum 2fa Version

[Romance70]

Hello,

I have Electrum 2fa version.

My question is, why 2fa?
also without 2fa can i see or export the private keys, here you only need the password?

I only need 2fa when send Bitcoins.

Greets

[xdrpx]

If you only need 2-factor Authentication when sending Bitcoins, then you'll still required a "Wallet with two factor authentication" instead of a regular standard wallet. If you're confused as to the reason why you have a 2FA wallet in the first place, then it's becasue you have selected the "Wallet with two factor authentication" option when you first created your wallet and to add to thart information, you're making use of TrustedCoin's service to make use of 2FA. Do keep in mind that this is a paid service, and hence you'll need to pre-pay some amount of Bitcoins when you make your first transaction to use 2FA when you transact.



Also yes, if you have a standard or multi-signature wallet without 2FA enabled, then you can view and export your private keys for all your addresses. Also, remember your seed is like a master private key that you can remember alone to recover all the funds in your wallet instead of having to record / store each individual addresses private keys.

To view private keys in such a case you can go to Wallet > Private Keys> Export or click on Wallet > Seed > Note this 12 word seed down.

[BitMaxz]

My question is, why 2fa?

2fa authentication in electrum could increase your wallet security, but it will ask for additional fee base on what I experienced.

also without 2fa can i see or export the private keys, here you only need the password?

Yes you can find and see or export your private keys without 2fa, and you don't need a password (depends on your wallet if it's encrypted or not)
However, standard wallet in electrum is way more better and adding password is enough (not 2fa password) to secure your wallet.dat and no additional charges when sending bitcoin from electrum.

[Romance70]

OK, thank you very mutch.

but I think it would be safer if I needed 2fa too when i view or exporting the private key.

I hope you understand what I mean.
If someone has my password from Electrum, they also have my bitcoins, because it has the private keys too.
I dont't need 2fa for Login in Electrum and also i dont't need 2fa to see the Private Keys.

[swogerino]

OK, thank you very mutch.

but I think it would be safer if I needed 2fa too when i view or exporting the private key.

I hope you understand what I mean.
If someone has my password from Electrum, they also have my bitcoins, because it has the private keys too.
I dont't need 2fa for Login in Electrum and also i dont't need 2fa to see the Private Keys.

2FA is always added security but Electrum is enough secure itself when you follow at least a few guidelines like the ones below.

1. Install Electrum on an old laptop machine, yes even core2duo with 4 GB of RAM is enough to run Linux.
2. Keep this machine in the internet is no problem when you are on Linux.

You should have no problems transacting directly without the need of a 2FA in Linux.

If you are not a Linux user and don't like Linux and want to stick with Windows then 2FA is a good added security to your transactions.

[pooya87]

OK, thank you very mutch.

but I think it would be safer if I needed 2fa too when i view or exporting the private key.

I hope you understand what I mean.
If someone has my password from Electrum, they also have my bitcoins, because it has the private keys too.
I dont't need 2fa for Login in Electrum and also i dont't need 2fa to see the Private Keys.

there are 3 things that you shouldn't confuse with each other: Seed, Password, 2FA
no matter what type of wallet you are creating, your Seed is the only thing that is required to have access to your bitcoins.

normal wallets with 1 key: in these  you get all your keys with Seed, also if you encrypt your wallet you need the password to see the private keys. without them you can't do anything.

in 2FA wallets which they require multiple keys, these wallets are 2 of 3 which means you need 2 keys out of 3 to be able to spend bitcoins. when you start the wallet you generate a Seed which is 2 of these keys and then TrustedCoin will generate the third one. when spending you provide one key and TrustedCoin another. this increases the security because you only have 1 key in use and the other one that you own is not stored in your wallet you can only get it with your Seed. password will only expose 1 key so the security here is also a bit higher.

[Abdussamad]

There is no such thing as a 2fa version of electrum. There is a 2fa wallet type but you can have more than one wallet and they can be of different types. So if you want to create a standard wallet just do that.

As for the password it's only used to encrypt the secrets in the wallet file. It can't be used to derive your private keys. At least not on its own. You would need the wallet file as well. Alternatively if someone has your seed then they don't need anything else.

[HCP]

but I think it would be safer if I needed 2fa too when i view or exporting the private key.

I hope you understand what I mean.
If someone has my password from Electrum, they also have my bitcoins, because it has the private keys too.
I dont't need 2fa for Login in Electrum and also i dont't need 2fa to see the Private Keys.

No... they don't have your bitcoins if you have a 2fa wallet and they only have your password.

The 2fa wallet in Electrum is a special kind of "2-of-3 MultiSig" wallet... There are THREE master private keys that make up this wallet...

- Key #1 is stored (protected by the password, if any) within your Electrum wallet file
- Key #2 is NOT stored anywhere, but is able to be generated from your 12 word "seed mnemonic" only (used for "emergency" recovery, ie. TrustedCoin offline, lost authenticator etc.)
- Key #3 is stored with TrustedCoin on their server

The private key you see when you right click on your address in 2fa wallet is one of the private keys generated from Key #1... but without Key #2 and Key #3, there is no way for the thief to actually get your coins. They don't have access to Key #2 as it is "hidden", and TrustedCoin won't sign with Key #3 without the 2fa code, so they've only got 1 key... and your 2-of-3 MultiSig requires at least 2!


However, if someone has your 12 word "seed mnemonic"... they can restore the wallet, and DISABLE 2FA... this will put both Key #1 AND Key #2 in your wallet file... and they'll be able to self-sign transactions without 2fa.

This is why the requirements for getting coins out of a 2fa wallet are:

1. The wallet file, wallet password (if any) and 2fa authenticator code
OR
2. The 12 word seed mnemonic

[Romance70]

Well, that's very good and very safe.

And the seed is stored on my MAC?
Also i printed the seed and saved it on a memory stick.

I export my private keys to my memory stick yesterday,
then that was actually free?
I also got a warning when exporting the private keys,
it's a MuliSig Wallet, i hope ths was not a Problem.

[Abdussamad]

The private keys you saved are useless in the case of a 2fa wallet. The seed is what you need to backup.

>then that was actually free?

I don't understand what you mean by this

[Romance70]

I mean, the private keys what i saved are useless in the case of a 2fa wallet.

[HCP]

Well, that's very good and very safe.

And the seed is stored on my MAC?
Also i printed the seed and saved it on a memory stick.

The seed for 2fa is not stored anywhere unless you write it down (or copy/paste it into a file <-- BAD IDEA!)

If you look at the "wallet" menu in Electrum, you'll notice that the "seed" option is greyed out. This is because, unlike "standard" wallets, the seed is NOT saved into the wallet file...

I export my private keys to my memory stick yesterday,
then that was actually free?

Those keys are pretty much worthless... You cannot recover your BTC with just those keys.

I also got a warning when exporting the private keys,
it's a MuliSig Wallet, i hope ths was not a Problem.

The warning would have been about either protecting your keys, or a warning that they did not fully backup your wallet...

Exporting them won't have "damaged" the wallet, and while it probably decreases the "safety" by a very small margin... It's probably not enough to be concerned about it.

[Romance70]

OK, thank you very mutch at all..

I print the Seed and stored it on USB Stick (Word File), i hope thats not a Problem..

[bob123]

I print the Seed and stored it on USB Stick (Word File), i hope thats not a Problem..

Thats a pretty safe option. But note those two things:
1) USB sticks can break (UV-light, temperature changes, etc. can harm the device)
2) Your PC has to be clean when inserting the USB-stick. Malware could easily grab the seed as soon as you plug it in.

With the correct handling its an ok option to store a backup on an USB stick. But you have to be careful.

[Romance70]

I print the Seed and stored it on USB Stick (Word File), i hope thats not a Problem..

Thats a pretty safe option. But note those two things:
1) USB sticks can break (UV-light, temperature changes, etc. can harm the device)
2) Your PC has to be clean when inserting the USB-stick. Malware could easily grab the seed as soon as you plug it in.

With the correct handling its an ok option to store a backup on an USB stick. But you have to be careful.

Yes, I was very careful and printed and copied it on 2 new USB Sticks.

Besides, I think a MAC is safer than a PC

[bob123]

Besides, I think a MAC is safer than a PC

MAC might be a bit more secured against ever-day malware (95%+ of all malware is written for windows).
But the overall security regarding a targeted attack is just minimal better (not really noteworthy).

A dual-boot system with different partitions (different drives would be even better) for your OS's seems to be slightly better.
Use one system (e.g. windows) for every-day stuff and one OS (e.g. linux / mac) for crypto-stuff only.

[Romance70]

OK, thank you very mutch at all..