Bitcoin Forum
Author Topic: ChainLock your online accounts using a bitcoin address  (Read 2128 times)
ChainLock (OP)
October 26, 2016, 11:22:12 AM
Last edit: November 12, 2016, 11:24:36 PM by ChainLock
 #1

ChainTight Security has introduced ChainLock, a product that allows users to lock all or part of an online account using a bitcoin address.

An account is locked by transferring a small amount of bitcoin into the address, and the account is unlocked by transferring bitcoin out of the address.

A user can check the status of their account (locked/unlocked) simply by checking the balance of their bitcoin address without needing to log into their account.

There are also several enhanced features that ensure the security of a user's online account.

You can view tutorial videos of ChainLock here:

http://chaintightsecurity.com/content

Imagine how much bitcoin will explode if used not just as a store of value (digital gold)... not just a currency... but also an authentication protocol for all of the banks, equity markets, exchanges, etc. As people engage bitcoin as an authentication protocol, they will begin to understand ALL of the benefits of bitcoin.
franky1
October 26, 2016, 12:20:56 PM
 #2

as a concept of EG bank of america themselves monitoring a key(as a 2FA), is a step forward compared to the BitID concept.
where you no longer need to sign a message and paste it each time.
thus making it easier to prove authentication quicker.

but the flaw is giving chainlock your "account" login where you use chainlock as the middlemen. and they control the account.

sorry.. but um, nah.
i think bank of america will do their own bitcoin 2fa without "chainlock" as middlemen thus remove a security flaw (middlemen)

good use of furthering and enhancing the bitID concept. but trying to make a business as being a middleman will be the downfall.
there is a reason banks dont use facebook as a login and google 2fa..
middlemen are a security flaw.

i can however see a bank or service incorporate the concept directly under their own self monitoring.

I DO NOT TRADE OR ACT AS ESCROW ON THIS FORUM EVER.
Please do your own research & respect what is written here as both opinion & information gleaned from experience. many people replying with insults but no on-topic content substance, automatically are 'facepalmed' and yawned at
Felimon
October 26, 2016, 12:23:47 PM
 #3

I find this interesting however I do not know much about this.  Please explain more about this or tell me where I can go to read more about this chainlock and see if it is something I can use myself.  Thank you in advance.
~Bitcoin~
October 26, 2016, 02:19:24 PM
 #4

Concept seems quite interesting but is not clearly explained in the first post. I think if you can also add a few screenshots with a working demo link on how this platform works, it will be helpful to understand.

ChainLock (OP)
October 26, 2016, 02:44:14 PM
 #5

Thanks for the comments.

The last two commenters asked for more details, and we encourage people to watch our demo video which provides a good overview of the basic concept.

https://www.youtube.com/watch?v=6wgHyOxJf9Y&t=135s

The first commenter seems like a person that immediately assumes he understands everything about anything, and why it won't be adopted.

Please believe that ChainLock is easily the best security product on the market today.  We have explained the difference between simple public/private key authentication such as BitID and SQRL as compared to ChainLock here:

http://chaintightsecurity.com/content/

It doesn't matter whether a few people have doubts. It's just a matter of time before the entire Internet adopts ChainLock as the standard for locking online accounts.
clickerz
October 26, 2016, 03:53:27 PM
 #6

as a concept of EG bank of america themselves monitoring a key(as a 2FA), is a step forward compared to the BitID concept.
where you no longer need to sign a message and paste it each time.
thus making it easier to prove authentication quicker.

but the flaw is giving chainlock your "account" login where you use chainlock as the middlemen. and they control the account.

sorry.. but um, nah.
i think bank of america will do their own bitcoin 2fa without "chainlock" as middlemen thus remove a security flaw (middlemen)

good use of furthering and enhancing the bitID concept. but trying to make a business as being a middleman will be the downfall.
there is a reason banks dont use facebook as a login and google 2fa..
middlemen are a security flaw.

i can however see a bank or service incorporate the concept directly under their own self monitoring.

I agree, and it's more of a security issue here. How much do you trust that middleman with your bitcoin account? Though the idea is good, people are hesitant to trust their bitcoin to anybody.

Kprawn
October 26, 2016, 04:02:28 PM
 #7

Thanks for the comments.

It doesn't matter whether a few people have doubts. It's just a matter of time before the entire Internet adopts ChainLock as the standard for locking online accounts.

Howard, that is a very bold statement to make.. Why would I have to pay US$ 0.28 or whatever amount with miners fees to access my accounts? The 0.28 cents... adds a lot of extra cost, on top of all other banking fees for people with much less money, than the $9000 you have in your account. This type of charging additional fees to access your account are typical of fiat banking systems, not Bitcoin.  Sad ... I do not even want to go to scenarios where confirmations takes 2 hours.  Huh

Milkduds
October 26, 2016, 05:16:29 PM
 #8



sorry.. but um, nah.
i think bank of america will do their own bitcoin 2fa without "chainlock" as middlemen thus remove a security flaw (middlemen)




The first commenter seems like a person that immediately assumes he understands everything about anything, and why it won't be adopted.

Please believe that ChainLock is...[edit]

It doesn't matter whether a few people have doubts. It's just a matter of time before the entire Internet adopts ChainLock as the standard for locking online accounts.

I agree with what Franky is stating and the response to him just points to why people should be wary of this business. It's bad tact to insult people that are actually reading this advertisement that is actually in the wrong forum to boot.
You are asking people to "Please believe..." and that is sketchy as hell, when we are talking about you acting as the secure link in transactions. Finally it does matter if people have doubts and you should be working to address the doubts rather than tossing them to the side because you believe the product is superior. You need to work harder on talking to the customer, as you are coming off in a manner that is raising multiple red flags.

The main issue I have is you did not explain why Franky is wrong and I would like to see you address this.
franky1
October 26, 2016, 05:43:56 PM
 #9

if a bank wants a bitcoin based 2FA they will use their own internal blockchain explorer and ask their own customers to add a public key for the bank to watch.
the business plan:
banks/services wont pay a licence fee to a company who requires access to peoples account to control what an account can or cant do.
that alone is already a breach of customers terms of use of all banks and many other services. even if you update your business plan so its just an API request access. this is still a middleman security flaw.

though the concept of using bitcoin funds is more user-friendly compared to bitID's requirement of copy/pasting a message and then copy/pasting a signature. there are flaws in your business plan

trying to patent this form of 2FA to then licence it, is a failure. you are failing the open source ethos of bitcoin by making a barrier of use. especially if you end up trying to sue anyone that uses bitcoin transactions/addresses as a method of authentication to log into services to hold up your 'licence'. is a big no no..
there are other flaws to your business plan.. but i wont digress further

any service wanting a bitcoin based 2FA wont buy into a licence scheme especially for just 10 lines of code they can create and run themselves.

dont get me wrong, good 2FA security concept.. but bad business plan.
using bitcoin for any reason is open licence. sorry

ChainLock (OP)
October 26, 2016, 08:20:21 PM
 #10

as a concept of EG bank of america themselves monitoring a key(as a 2FA), is a step forward compared to the BitID concept.
where you no longer need to sign a message and paste it each time.
thus making it easier to prove authentication quicker.

but the flaw is giving chainlock your "account" login where you use chainlock as the middlemen. and they control the account.

sorry.. but um, nah.
i think bank of america will do their own bitcoin 2fa without "chainlock" as middlemen thus remove a security flaw (middlemen)

good use of furthering and enhancing the bitID concept. but trying to make a business as being a middleman will be the downfall.
there is a reason banks dont use facebook as a login and google 2fa..
middlemen are a security flaw.

i can however see a bank or service incorporate the concept directly under their own self monitoring.

I agree, and it's more of a security issue here. How much do you trust that middleman with your bitcoin account? Though the idea is good, people are hesitant to trust their bitcoin to anybody.

There is no middleman. The bank (for example) is the server that will implement the idea. There is no trusting of bitcoin to anyone. Each user has control of their bitcoins just like they have control using a wallet application.
ChainLock (OP)
October 26, 2016, 08:31:34 PM
 #11

Thanks for the comments.

It doesn't matter whether a few people have doubts. It's just a matter of time before the entire Internet adopts ChainLock as the standard for locking online accounts.

Howard, that is a very bold statement to make.. Why would I have to pay US$ 0.28 or whatever amount with miners fees to access my accounts? The 0.28 cents... adds a lot of extra cost, on top of all other banking fees for people with much less money, than the $9000 you have in your account. This type of charging additional fees to access your account are typical of fiat banking systems, not Bitcoin.  Sad ... I do not even want to go to scenarios where confirmations takes 2 hours.  Huh

Users are not paying the miner fee to access their account. They are paying a miner fee to lock/unlock a feature of their account, such as withdrawals.  How many times do you make a withdrawal/transfer from a savings account to a checking account... from cold storage to hot wallet?  Not very often. And so users are paying a very small fee to ensure their accounts are locked down tight. Your example of $9000 in an account... paying 16 cents to even 50 cents a month... to make sure NO ONE can access your account?

There is no need to wait for confirmation of the bitcoin transaction. The unconfirmed transaction will hit the blockchain within a matter of seconds... less than a minute. Waiting for a transaction to confirm only matters when a user is concerned with a double spending issue... this is not an issue with ChainLock... no one cares about double spending 25 cents.  If you watch the demo video, you will see that the account is locked/unlocked in a matter of seconds.
ChainLock (OP)
October 26, 2016, 08:39:00 PM
 #12



sorry.. but um, nah.
i think bank of america will do their own bitcoin 2fa without "chainlock" as middlemen thus remove a security flaw (middlemen)




The first commenter seems like a person that immediately assumes he understands everything about anything, and why it won't be adopted.

Please believe that ChainLock is...[edit]

It doesn't matter whether a few people have doubts. It's just a matter of time before the entire Internet adopts ChainLock as the standard for locking online accounts.

I agree with what Franky is stating and the response to him just points to why people should be wary of this business. It's bad tact to insult people that are actually reading this advertisement that is actually in the wrong forum to boot.
You are asking people to "Please believe..." and that is sketchy as hell, when we are talking about you acting as the secure link in transactions. Finally it does matter if people have doubts and you should be working to address the doubts rather than tossing them to the side because you believe the product is superior. You need to work harder on talking to the customer, as you are coming off in a manner that is raising multiple red flags.

The main issue I have is you did not explain why Franky is wrong and I would like to see you address this.

Are we confident in our product?  We are.  If you take the time to watch the demo video... you will understand the product so you can provide relevant feedback. We honestly do not care about the doubters... this is the most secure way to lock down an online account ever.  We are of course interested to hear about perceived cracks in the product... but when you truly understand how it works... you will realize the product is as secure as the blockchain itself.  It USES the blockchain protocol which has been protecting $10 billion since 2009.  You simply cannot get more secure than a $10 billion safe that has not been and will not be cracked.
ChainLock (OP)
October 26, 2016, 08:48:38 PM
 #13

if a bank wants a bitcoin based 2FA they will use their own internal blockchain explorer and ask their own customers to add a public key for the bank to watch.
the business plan:
banks/services wont pay a licence fee to a company who requires access to peoples account to control what an account can or cant do.
that alone is already a breach of customers terms of use of all banks and many other services. even if you update your business plan so its just an API request access. this is still a middleman security flaw.

though the concept of using bitcoin funds is more user-friendly compared to bitID's requirement of copy/pasting a message and then copy/pasting a signature. there are flaws in your business plan

trying to patent this form of 2FA to then licence it, is a failure. you are failing the open source ethos of bitcoin by making a barrier of use. especially if you end up trying to sue anyone that uses bitcoin transactions/addresses as a method of authentication to log into services to hold up your 'licence'. is a big no no..
there are other flaws to your business plan.. but i wont digress further

any service wanting a bitcoin based 2FA wont buy into a licence scheme especially for just 10 lines of code they can create and run themselves.

dont get me wrong, good 2FA security concept.. but bad business plan.
using bitcoin for any reason is open licence. sorry


Thank you for your comments... we disagree.  People should be encouraged to innovate... and they should be rewarded when they innovate in ways that change the world. Without compensation for innovation... or artistic work... or hard work... society dies. Reward for hard work and innovation is what our country is founded on.
btc_enigma
October 28, 2016, 07:06:33 AM
 #14

Thanks for the comments.

It doesn't matter whether a few people have doubts. It's just a matter of time before the entire Internet adopts ChainLock as the standard for locking online accounts.

Howard, that is a very bold statement to make.. Why would I have to pay US$ 0.28 or whatever amount with miners fees to access my accounts? The 0.28 cents... adds a lot of extra cost, on top of all other banking fees for people with much less money, than the $9000 you have in your account. This type of charging additional fees to access your account are typical of fiat banking systems, not Bitcoin.  Sad ... I do not even want to go to scenarios where confirmations takes 2 hours.  Huh

I agree with this. Why would we want to wait 2 hours and pay bitcoin for this.

If you want to use bitcoin address as proof of ownership, you can ask the user to sign a message using bitcoin address.

ChainLock (OP)
October 28, 2016, 11:46:28 AM
 #15

Thanks for the comments.

It doesn't matter whether a few people have doubts. It's just a matter of time before the entire Internet adopts ChainLock as the standard for locking online accounts.

Howard, that is a very bold statement to make.. Why would I have to pay US$ 0.28 or whatever amount with miners fees to access my accounts? The 0.28 cents... adds a lot of extra cost, on top of all other banking fees for people with much less money, than the $9000 you have in your account. This type of charging additional fees to access your account are typical of fiat banking systems, not Bitcoin.  Sad ... I do not even want to go to scenarios where confirmations takes 2 hours.  Huh

I agree with this. Why would we want to wait 2 hours and pay bitcoin for this.

If you want to use bitcoin address as proof of ownership, you can ask the user to sign a message using bitcoin address.


It is encouraging to receive the same comments over and over.  It means that so far no one can make a persuasive argument against ChainLock.

To yet once again respond to the same comments:

1. Locking/Unlocking an account takes seconds as shown in our demo video.  A service provider (e.g., bank) need not wait for a transaction to confirm on the blockchain.  Instead of making erroneous statements like "why would we want to wait 2 hours," why not address our claim?  Tell us we are wrong?  We are not wrong. The lock/unlock time is exactly as shown in the demo video... a matter of seconds.

2. "Asking a user to sign a message with a bitcoin address" (of course he meant private bitcoin key) is the same as conventional public/private key authentication such as BitID and SQRL. Instead of questioning "why use ChainLock when you can use BitID," this thread would be much more interesting if people address the multiple differences listed on our website:

    BitID: Although BitID uses bitcoin keys for authentication, BitID does not leverage the security of the bitcoin blockchain. The bitcoin blockchain protects $10 billion of wealth, and so there are significant resources deployed to ensure the security of the bitcoin blockchain.

    ChainLock uses the security of the bitcoin blockchain to secure other online accounts. That is, the security measures currently deployed to protect $10 billion of wealth is leveraged by ChainLock, whereas BitID merely leverages the security of bitcoin keys.

    BitID: If a user loses their digital wallet (e.g., loses their phone), they must have made a backup of the wallet and they must restore the wallet which can be difficult and confusing.  Very few people make a backup of anything digital.  Further, most people will only carry a few hundred dollars in a digital wallet just like a pocket wallet, so backing up a digital wallet to protect a few hundred dollars is basically a waste of time.  Even if people backup their digital wallet, they would be calling the banks for help on how to restore the wallet.  This is a customer support nightmare.

    ChainLock overcomes this by having a master bitcoin address that can be used to reset an account (or multiple accounts).  This master address can be stored on paper in a secure location (e.g., a safe).  If a user loses their digital wallet, they can easily reset their accounts using the master address without needing to restore their wallet.  So a user need not even backup their wallet which typically only has a few hundred dollars anyway just like a pocket wallet.

    BitID: A user must download a smartphone app that supports BitID, and the user must learn how to use the smartphone app to deploy BitID authentication. Both could require additional customer support from the service provider.

    ChainLock overcomes this by relying on the general public's knowledge about how Bitcoin works in general.  If you tell a user "transfer money into a bitcoin address to lock an account" or "transfer money out of the bitcoin address to unlock an account" the user will understand not only what this means, but how it can be done using any kind of general purpose wallet.

    BitID: The service provider must incorporate the BitID protocol into their website server.  This can be fairly complex and therefore susceptible to mistakes.

    ChainLock overcomes this by using the bitcoin blockchain protocol which is easily accessible to the service provider using well known, generic blockchain query tools (e.g., blockchain.info). Multiple tools could be employed to query the blockchain redundantly.

    BitID: The BitID protocol is not really "out-of-band" because it involves a dedicated communication channel specifically for user authentication.  The BitID communication channel may be separate from a website communication channel, but it is still a dedicated part of the authentication protocol and therefore a target for hackers.

    ChainLock overcomes this by using the bitcoin blockchain protocol which is truly out-of-band because it uses a completely independent third party provider (miners) that maintain the blockchain.  All communication with the blockchain is generic to the bitcoin protocol with generic communication channels.  It's like calling a third party with a telephone and asking whether a user trying to access a bank's website is authentic.  The third party can absolutely authenticate the user with a completely independent, unbiased, out-of-band confidence.

    BitID: The BitID protocol is unproven because it has not been in use.  The vulnerabilities of the BitID protocol are therefore not even fully understood.  Service providers will be reluctant (rightly so) to adopt some new, unproven authentication protocol.

    ChainLock overcomes this by using the bitcoin blockchain protocol which has been in use since 2009. There is $10 billion entrusted in the bitcoin blockchain.  Although bitcoin private keys have been stolen over the years, the bitcoin blockchain itself has never been compromised.  There is an obvious and proven trust in the bitcoin blockchain, and so service providers will more likely adopt it as an authentication protocol (or to augment an existing authentication protocol).

    BitID: With BitID, if a user's account is hacked, it is difficult to prove how it happened or why it happened. Therefore, it will be difficult for a service provider (e.g., bank) to verify whether a hack was due to a bug in the protocol or a hack of the protocol versus a user's private key being compromised.

    ChainLock overcomes this by using the bitcoin blockchain to lock an account.  As long as there is never a transfer-out of a bitcoin address associated with a locked account, the user's account should remain locked.  If a user's account is hacked, the blockchain can verify that the hack was not due to a compromise of the private bitcoin key by verifying there was never a transfer-out of the bitcoin address. So if there is a hack, it must have been due to a system failure on the service provider side and the user can prove it using the blockchain.  If the blockchain does confirm that an account was actually unlocked as part of a hack, it proves the user's private key was compromised (not necessarily due to fault of the user, but at least the source of the hack is known).

Shared Benefits of BitID and ChainLock:

    Both BitID and Chainlock can use wallet applications to secure the user's bitcoin private keys. Securing the private keys is extremely important not only if used as part of an authentication protocol, but also to secure the funds stored in the bitcoin blockchain.  Accordingly, the security of the wallet programs will be continuously evaluated and improved in order to protect the funds in the bitcoin blockchain, and therefore the security of both the BitID and ChainLock authentication protocols will benefit from this concerted, global effort.
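
The balance-watching check argued over in this thread (a service watching an address itself, accepting unconfirmed transfers, and using the address history to settle a dispute), as an added example that is not ChainLock's code and not part of any post. The `AddressTx` record, the function names and the sample history are constructed for illustration; a real service would fill the records from its own node or block explorer.

```python
from dataclasses import dataclass
from typing import Iterable, List


@dataclass(frozen=True)
class AddressTx:
    txid: str           # constructed placeholder, not a real transaction id
    delta_sat: int      # > 0 received by the watched address, < 0 spent from it
    confirmations: int  # 0 = seen unconfirmed only
    first_seen: int     # Unix time the service first observed the transaction


def balance(txs: Iterable[AddressTx], min_conf_in: int = 0,
            min_conf_out: int = 0) -> int:
    """Balance in satoshi, counting only transactions that meet the policy.

    min_conf_in / min_conf_out are the confirmations the service requires
    before it honours a transfer in (lock) or a transfer out (unlock).
    """
    total = 0
    for tx in txs:
        needed = min_conf_in if tx.delta_sat > 0 else min_conf_out
        if tx.confirmations >= needed:
            total += tx.delta_sat
    return total


def lock_state(txs: Iterable[AddressTx], min_conf_in: int = 0,
               min_conf_out: int = 0) -> str:
    """'locked' while the address holds funds, 'unlocked' once they have left."""
    return "locked" if balance(txs, min_conf_in, min_conf_out) > 0 else "unlocked"


def locked_at(txs: Iterable[AddressTx], when: int) -> bool:
    """Replay the history in order of observation up to `when`."""
    total = 0
    for tx in sorted(txs, key=lambda t: t.first_seen):
        if tx.first_seen > when:
            break
        total += tx.delta_sat
    return total > 0


def audit(txs: List[AddressTx], disputed_at: int) -> str:
    """Classify a disputed account action against the address history.

    'locked-on-chain'  : funds were still in the address, so no transfer out
                         had unlocked the account at that time.
    'unlocked-by:<id>' : the most recent transfer out before the action.
    'never-locked'     : the address had not been funded yet.
    """
    if locked_at(txs, disputed_at):
        return "locked-on-chain"
    spends = [t for t in txs if t.delta_sat < 0 and t.first_seen <= disputed_at]
    if not spends:
        return "never-locked"
    return "unlocked-by:" + max(spends, key=lambda t: t.first_seen).txid


# Constructed sample history for one watched address (not real chain data).
HISTORY = [
    AddressTx("tx-lock-1", 25_000, 120, 1_000),
    AddressTx("tx-unlock-1", -25_000, 30, 5_000),
    AddressTx("tx-lock-2", 25_000, 3, 9_000),
    AddressTx("tx-unlock-2", -25_000, 0, 12_000),   # unconfirmed transfer out
]

if __name__ == "__main__":
    # Accepting unconfirmed transfers, as the posts describe: already unlocked.
    print("0-conf policy:", lock_state(HISTORY))
    # Requiring one confirmation on transfers out: still locked for now.
    print("1-conf unlock policy:", lock_state(HISTORY, min_conf_out=1))
    for t in (500, 6_000, 10_000, 13_000):
        print(t, audit(HISTORY, t))
```

The two policies disagree only while a transfer out is still unconfirmed, which is the window the confirmation-time objections in this thread are about.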
ChainLock (OP)
October 28, 2016, 02:18:42 PM
 #16



Quote
I agree with this. Why would we want to wait 2 hours and pay bitcoin for this.

If you want to use bitcoin address as proof of ownership, you can ask the user to sign a message using bitcoin address.

We forgot to address (again) the question of "why would someone pay bitcoin for this?"

Do you think the users of Bitfinex have the same "who cares about this" attitude?

Lose ten thousand or a hundred thousand dollars to a hacker... and then ask "who cares?"

Plenty of people care.  Most people care.

Most people will not mind paying 50 cents or even $1 a month to ChainLock their accounts.

Once again... yet again... to explain one more time: a user only pays a miner fee when they lock/unlock an account which will happen at most a couple of times a month.

Instead of asking the same question, why not address the above argument. Tell us we are wrong about the fees a user will pay per month. Tell us why?

Again, we are encouraged by the inability of anyone to make a coherent, persuasive argument against ChainLock.
btc_enigma
November 01, 2016, 04:27:45 AM
 #17

Quote
Again, we are encouraged by the inability of anyone to make a coherent, persuasive argument against ChainLock.

Dude, just chill out and take a beer. You are developing a product, not fighting an election campaign.

ChainLock (OP)
November 01, 2016, 12:32:52 PM
 #18

Quote
Again, we are encouraged by the inability of anyone to make a coherent, persuasive argument against ChainLock.

Dude, just chill out and take a beer. You are developing a product, not fighting an election campaign.

Of course we are "fighting an election campaign." We have already knocked out the primary candidate BitID.

The general campaign is against the incumbent 2FAs... token one-time-password (OTP) and SMS OTP.

Token OTP has a huge target on its back... the server seed.  When the server seed is hacked, all user accounts are compromised.  Just ask RSA when their SecurID product was hacked back in 2011 requiring the replacement of millions of hardware tokens at a cost of $66 million. Hardware tokens are also expensive and a pain to carry around, and many times they are defective requiring replacement. Software tokens are susceptible to malware. ChainLock is also susceptible to malware, but ChainLock is implemented using bitcoin wallet apps that are continuously monitored and adapted against attack. Software tokens are dedicated apps susceptible to the server seed being hacked. ChainLock relies on the security of the bitcoin blockchain which has never been hacked. Both hardware and software tokens require user training on the device/program.  If a hardware token is lost or damaged, or if a phone is lost, the user is locked out of their account until they receive a new hardware token or until a new phone can be configured.  This is also a customer support nightmare. Some banks have ameliorated the issue by allowing the 2FA to be temporarily disabled through a telephone call, but this is a security flaw because a hacker might make the call, or a hacker might attack the account while the 2FA is disabled. With ChainLock, the user can reset their own account using a master address if they lose their phone. There is no down time and the account remains locked. There is no waiting for a hardware token, or fighting to configure a new phone. There is no fighting with customer service during a customer "support" marathon.

SMS OTP is even more susceptible to attack than token OTP because it involves a cellphone service provider. There have been many instances when a hacker has simply called the cellphone service provider to redirect SMS texts to the hacker phone. ChainLock of course does not suffer from this security flaw. SMS OTP also doesn't always work with some cellphone carriers or with some cellphone software. Further, SMS OTP will not work when the user travels out of country, and so the solution has been to temporarily disable the 2FA which is a security flaw because again, a hacker may disable the SMS OTP or a hacker may attack the account while the SMS OTP is disabled. ChainLock always works, even when a user travels out of the country, because ChainLock uses the security of the bitcoin blockchain which is globally accessible using general applications that run on any cellphone. If a user loses their cellphone, they typically disable SMS OTP through a phone call to the service provider until a new phone can be configured.  This again is a security flaw, as well as a customer support nightmare. With ChainLock, the user can reset their own account using a master address if they lose their phone. There is no down time and the account remains locked. There is no fighting to configure a new phone. There is no fighting with customer service during a customer "support" marathon.







ChainLock (OP)
November 03, 2016, 09:52:08 PM
Last edit: November 05, 2016, 09:05:00 PM by ChainLock
 #19

Other major reasons why ChainLock is better than phone token or SMS OTP, such as Google Authenticator or Authy:

Most users are very novice about technology. If a user loses their phone, their primary concern is to regain access to their online accounts. The authenticator companies make sure there are a number of ways to regain access so users don't freak out.  For example, they provide backup codes, or backup phone numbers, or backup devices.  All of these "backups" represent a security risk if compromised.  Further, with phone token OTP (e.g., Google Authenticator or Authy SoftToken), the authenticator app remains active on the stolen phone unless the user is technically savvy enough to disable the stolen phone. A tech geek might think this is simple (which it is), but most people are not tech geeks. Most people won't realize their stolen phone is an active token generator... they will just be happy to access their accounts using a different device. Eventually the stolen phone falls into the hands of a hacker who gains a new target.  

With ChainLock when a user loses their phone, it's exactly like losing their pocket wallet (we assume users don't make backups of their wallet apps... a solid assumption). They therefore must use their master bitcoin key (stored in a safe place, such as on paper in a safe deposit box) in order to regain access to their online account. When accessing an online account using a master bitcoin key, the user is warned to reset their working bitcoin address if their phone was lost or stolen. The entire process is straightforward and easy for the user to understand what is happening and why it's happening.

Compare this to Google Authenticator where the only way to revoke a stolen or lost phone is to disable the 2FA for each account and then re-enable the 2FA so that the seed is changed. Do you think a user understands what a seed is?  Let alone the need to change it? Let alone go through the disable/re-enable procedure for every account?  What if a user simply saves their old QR codes for each account and then rescans the old QR codes into their new phone? Is there someone telling them not to do this? Do you even understand what this paragraph is saying? Not surprised if you don't... it's not easy.

Authy makes revoking a stolen or lost phone somewhat easier, as long as multiple-device with backups to the server is enabled. Say what? Exactly. Go research it for an hour or two and you might understand it... maybe. And activating multiple devices is of course a security risk. And even if multiple-device with backups to the server is enabled, the user must not only understand how to revoke a stolen or lost phone, but remember and be diligent to do so... which of course is not going to happen 90% of the time. And then when a user's account is hacked, the bank will claim the user was negligent... which is of course true. This is not going to happen with ChainLock.
ChainLock (OP)
November 05, 2016, 09:03:13 PM
Last edit: November 06, 2016, 03:23:34 AM by ChainLock
 #20

Other reasons ChainLock beats Google Authenticator and Authy token OTP:

Token OTP is safer than SMS OTP... unless you lose your phone.

Google Authenticator provides no way to revoke a lost phone. Same with Authy unless you enable multiple-device with backup to their server... which most people won't do. Authy makes multi-device sound like a great idea... but the reality is most people will single install Authy... on their phone... because everyone is tethered to their phone... there is no need for multi-device access. Only tech geeks will enable Authy on multiple devices, and only tech geeks that want to protect their Twitter and Facebook accounts. Anyone with over $100k in the bank won't want multiple devices lying around capable of draining their life savings.

So with Google Authenticator and single installation Authy, when a user loses their phone, or their phone is stolen, the only way to revoke the phone (disable the token generator) is to reset the token seed for every online account. If the token seed is not reset, the lost or stolen phone can be used to generate valid tokens. The process of resetting the token seed is different for every account (every website), and so the user must grapple with how to reset the seed for each account. For example, an account may require the user to navigate to Account->settings, and then 2FA settings, and then click the pencil icon, yada yada yada. Or, without explanation, the account may presume the user will disable/re-enable the 2FA setting, thereby resetting the token seed. Again, this assumes the user won't do the most obvious... simply rescan their old QR code with their new phone, thereby unknowingly leaving their old phone as an active token generator. Tech geeks may scoff... but this is reality... and the type of complexity that scares the average user (rightly so).

In addition, most online accounts (websites) provide backup OTP codes that can be used in case a phone is lost or stolen. So whenever a user enables 2FA for a new account, they must print and save the backup OTP codes for the new account. A prudent person saves their backup codes in a safe place, like a safe deposit box in a bank, so that when their phone is lost or stolen, they go to the bank and retrieve their backup codes. But if new backup codes are generated for each new account, the user must make a trip to their safe deposit box to store the new backup codes whenever a new account is configured with 2FA.

ChainLock overcomes all of the above problems. With ChainLock, a user can configure each new account with the same master bitcoin address as well as a unique working bitcoin address assigned to each new account.  The master bitcoin key (for the master bitcoin address) can be printed and stored in a safe deposit box once. When the user creates a new account, they simply specify their master bitcoin address as the backup address... there is no need for different backup codes for each account.

When a user loses their phone, or their phone is stolen, the user retrieves their master bitcoin key from their safe deposit box which is used to access every account.  As each account is accessed using their master bitcoin key, the user is prompted to reset their working bitcoin address for the account.  That is, each online account (website) can implement a standard interface wherein the user is prompted to reset their working bitcoin address whenever their account is accessed using their master bitcoin key. In this way, the user need not grapple with how to reset a token seed for each account because the process is the same for every account.

Even more convenience is achieved by storing multiple copies of the master bitcoin key (multiple paper copies) in a safe deposit box. This way the user can retrieve a copy of their master bitcoin key, reset all of their accounts, and then dispose of the copy (burn it). So a user need only make one trip to their safe deposit box if their phone is lost or stolen.
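The token-seed behaviour discussed in posts #19 and #20, as an added example that is not part of the original posts and is not ChainLock's or any authenticator vendor's code: a standard RFC 6238 TOTP generator plus a hypothetical `Account` class, showing that rescanning a saved QR code leaves the lost phone generating accepted codes until the server-side seed is reset. The class, function names and timestamp are assumptions made for illustration.

```python
import base64, hashlib, hmac, secrets, struct

def totp(seed_b32, unix_time, step=30, digits=6):
    """RFC 6238 TOTP (HMAC-SHA1): the code depends only on seed and time."""
    key = base64.b32decode(seed_b32)
    counter = struct.pack(">Q", unix_time // step)
    mac = hmac.new(key, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                      # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def new_seed():
    return base64.b32encode(secrets.token_bytes(20)).decode()

class Account:
    """Hypothetical server-side record for one website account."""
    def __init__(self):
        self.seed = new_seed()      # this is what the enrolment QR code carries

    def reset_seed(self):
        self.seed = new_seed()      # the disable/re-enable 2FA step
        return self.seed

    def verify(self, code, now, step=30, drift=1):
        # Accept the current step and one step either side for clock drift.
        return any(hmac.compare_digest(code, totp(self.seed, now + d * step))
                   for d in range(-drift, drift + 1))

def lost_phone_scenario(now=1478379793):         # constructed timestamp
    account = Account()
    old_phone = account.seed                     # seed held by the lost phone
    new_phone = old_phone                        # user rescans the saved QR code
    old_ok_after_rescan = account.verify(totp(old_phone, now), now)
    new_phone = account.reset_seed()             # user re-enrols with a fresh seed
    old_ok_after_reset = account.verify(totp(old_phone, now), now)
    new_ok_after_reset = account.verify(totp(new_phone, now), now)
    return old_ok_after_rescan, old_ok_after_reset, new_ok_after_reset

if __name__ == "__main__":
    print(lost_phone_scenario())
```

The three returned flags are: old phone accepted after a QR rescan, old phone accepted after a seed reset, new phone accepted after a seed reset.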