Stealing Bitcoins from online wallets with 2FA

[Andre_Goldman]

why people still confusing 2 step authentication by 2 factor authentication ?

for me two factor means one thing you have (device... whatever) and one thing you know (pin, password)

so if somebody can recover your account after you lost one of those factors then your account is something else but 2FA ...

[Rinsend]

In most cases, you should be fine using an online wallet with 2FA. It is sufficient to keep any email hijackers away from your wallet.

The chances of having a wallet with 2FA accessed is slim, I wouldn't worry using one, unless you have a significant amount of BTC.

2FA access is a very good security level not only can give us a sense of comfort in storing bitcoin,
but this is one of the most trusted level of security for us to use
I think it is impossible and is just a small possibility for a domet equipped with 2FA security can be stolen
I have been using this security system for many years

[skyline247]

Everyone watch out for the fake websites which steal your login info, they look exactly like the exchange website only the domain is different (they will change 1 letter) and then login to your account and ask for 2FA code which they use and boom, just like that all your Bitcoin is gone instantly.

[Sylenth]

When there is anything related to mobile or desktop or anything connected to internet nothing is safe completely. That is why it is always advisable to have hardware or paper wallet instead of mobile or desktop wallet which are connected to internet. Any  of these things can be attacked and infected by virus and data could be corrupted or taken away from the user,so the best  way is to have a backup of data ,in case anything gets corrupted and be careful of the spams that are most likely to cross your path once in a while.

[viramarket]

you are all the time talking about safety 2 FA and what you use it for many years!!But in the very structure of the ligaments of the email+phone+2 fa is vulnerability. Now ordered a nano ledger,I'm sure the amount of 84 euros for these purposes not so much.Has anyone used this wallet?

[acpr23]

Also only keep coins that you can afford to loose in your online wallet, 2fa may not fail you but the online wallet may, still suggest to keep your coins in much safer place like hardware wallet or some wallet that you control the keys

[mrfaith01]

Stealing bitcoins from wallet with 2FA is difficult because every one our the 6 digit code is automatically changing so I advice to for your wallet you must use 2FA to secure your account or the is another way is after you recieve your earning in your bitcoin wallet you withdraw it immidiately

[kondor1030]

Do not use your phone number for 2FA - especially if you are based in the USA. There are better alternatives such as code generators (Google Authenticator) and Hardware Keys (Ledger Nano S - yes, you can use your hardware wallet for 2FA).

[CrazyCraig]

Do not use your phone number for 2FA - especially if you are based in the USA. There are better alternatives such as code generators (Google Authenticator) and Hardware Keys (Ledger Nano S - yes, you can use your hardware wallet for 2FA).

++

I agree with this 200%

[TrumpD]

2fa is vulnerable and can be attacked, but it is very difficult to do. cybersecurity experts have warned us that this will happen eventually, and it happened back in May when hackers stole millions of Euros attacking the banks outdated 2FA. If this can happen to a bank, it could obviously happen to online web wallets and exchanges. 

read more here; https://www.cyberscoop.com/finally-happened-criminals-exploit-ss7-vulnerabilities-prompting-concerns-2fa/

[Barbut]

I use 2FA, on couple places SMS verification. I think I'm protected, until now I didn't have any problems on internet, I'm careful as I can be but I think that we are vulnerable if we become targets of some genius hackers. Luckily they have good paying jobs, or with knowledge they have I doubt they will attack us little people for couple dollars. That's why it's not good to go around and talk how you have a lot of bitcoins, or that you are very rich. Don't draw attention to yourself and there will not be any problems with hackers that wish to steal from you.

[BrewMaster]

your topic is very misleading because it is not a weakness with 2FA in general. and 2 Factor Authentication is a wide range of different things as a second layer of security.

what the article is pointing out is some weakness in the network system that can potentialy be used to read SMS and listen to calls.

but the common way of using 2FA is Google Authentication which uses neither of these!

[aleksej996]

your topic is very misleading because it is not a weakness with 2FA in general. and 2 Factor Authentication is a wide range of different things as a second layer of security.

what the article is pointing out is some weakness in the network system that can potentialy be used to read SMS and listen to calls.

but the common way of using 2FA is Google Authentication which uses neither of these!

I agree that I made the post only with mobile networks in mind. I guess that other forms of 2FA as Google Authenticator became popular in recent years and I haven't got used to thinking about it as a widely adopted alternative. I thought that 2FA services are dominated by use of cellular networks and see here that it might not be the case anymore.

[Cindy1983]

I think hacker only can hack Bitcoin from wallet with 2FA code send to SMS not for code from Google Authenticator cause it's not easy to hack a wallet with two-authentication beside the code from Google Authenticator change every 30 seconds so I think it's almost possible to hack these wallet. But maybe it can be if the hacker is very professional. I think we should try to keep our phone or computer clean, don't click at anything we don't sure that it safe.

[Flor1982]

I see people calling for 2FA as a safety mechanism for their accounts even tho there is a huge vulnerability in the mobile networks known for years now.
2FA just increases the complexity of the attack, it doesn't stop it at all. Here is an article from The Hacker News that came out today about using 2FA on Bitcoin online wallets like Coinbase, although they say that it isn't a vulnerability in Coinbase at all but in the mobile system design flaws instead.

https://thehackernews.com/2017/09/hacking-bitcoin-wallets.html

The conclusion here is that you shouldn't consider a mobile network safe.

I trusted 2FA features and security because given codes are constantly changing, even our mobile cellphone will be lost and stolen still it is hard for the thieves to open our wallet because of password and 2FA is required. But still we should give consideration the possibility of this advice but for now the 2FA features is today's the most safest security if this will fail the possibilty of 3FA will be the alternative.

[EmmanCryp]

I prefer to use the Google authenticator or authy apps to SMS 2fa. SMS 2fa is not as reliable as the app

[shinratensei_]

I see people calling for 2FA as a safety mechanism for their accounts even tho there is a huge vulnerability in the mobile networks known for years now.
2FA just increases the complexity of the attack, it doesn't stop it at all. Here is an article from The Hacker News that came out today about using 2FA on Bitcoin online wallets like Coinbase, although they say that it isn't a vulnerability in Coinbase at all but in the mobile system design flaws instead.

https://thehackernews.com/2017/09/hacking-bitcoin-wallets.html

The conclusion here is that you shouldn't consider a mobile network safe.

I trusted 2FA features and security because given codes are constantly changing, even our mobile cellphone will be lost and stolen still it is hard for the thieves to open our wallet because of password and 2FA is required. But still we should give consideration the possibility of this advice but for now the 2FA features is today's the most safest security if this will fail the possibilty of 3FA will be the alternative.

Have you read the whole article dude? I know that 2 fa code is constantly changing but what if the hackers could listen or read your 2fa code that's sent to your mobile phone? it's dangerous isn't it.
if you use 2fa with google authenticator, or else, it's still safe, but 2fa through sms or voice call, no way you will be safe.

[Dalmar]

Second level of protection brings a lot of new features with offering good level of security.3 type is known:Something you have like device,something you are eye or finger print,something you know like passwords or seeds. Breaking this type of  authentication is only possible with social engineering.

[Raxitto]

The first thing to be learned by any new crypto-currency user is the opening phrase of this article: exchanges are not wallets. Therefore, NEVER keep all your funds in one of these companies.
If you are interested in doing trade or any other operation, leave in exchange only the value that you will use in operations.
Another important tip is to enable two-factor authentication (known as 2FA). The exchanges usually offer the option to send the code by email, cell phone or both. Thus, you can identify if your account is being hacked and prevent the theft of funds. Some hardware wallets, such as the Nano S Ledger, allow for storage of several different currencies, which gives the less savvy user the convenience of not having to create multiple wallets in different locations.

[MFahad]

Hackers are made to break security,Locks,Passwords. You're not safe if you're mobile network or online wallet user. For hackers its easy to exploited both. That's why i recommend downloaded wallets.
Even though 2fa is a very good security but still i have heard people bypass 2fa and hack into people account. Hackers always find a way to crack even the most secure online systems.