The forum needs 2FA

[PowerGlove]

There's an interesting thread about 0.46 BTC (~$11k) being released from escrow by OgNasty after receiving authorization to do so from a compromised account. One of the issues being raised there is the lack of 2FA on Bitcointalk:

{...} And to blame it on my account' security... when escrow is being offered on a platform that DOESNT EVEN HAVE BASIC ACCOUNT SECURITY FEATURES LIKE 2FA!!!!! Which I also will make sure that my following is aware of this as well... escrow shouldn't even be fucking allowed on here without 2fa being integrated first. How the fuck does this website not have 2fa?

That in and of itself is what bothers me the most now after thinking about it. WHY IS ESCROW EVEN ALLOWED HERE WHEN ACCOUNT SECURITY CANNOT BE GUARANTEED!!!!!

Close down the marketplace until 2fa is implemented! Do SOMETHING!

Why doesn't Bitcointalk have (optional) 2FA?

Seriously, @theymos needs to set some time aside to read RFC 6238 and then spend a weekend getting a basic TOTP implementation working (with default parameters to maximize compatibility: 6 digits, 30 second time step, HMAC-SHA-1). I'm sure he's reluctant to add features to the "legacy" codebase but it's not much code and the effort would be worth it, IMO.

I very much doubt he'd need help with something like this, but I'm willing to volunteer my time, although my PHP skills have just about fossilized at this point.

Can anyone think of a good reason why this shouldn't be done? It seems like it would take so little effort for so much reward...

Edit: Based on some of the responses so far, it seems necessary to point out that I'm not suggesting that 2FA would completely stop accounts from being compromised. I'm also not suggesting that there are not already alternative mechanisms to prevent escrow mishaps (like message signing). I'm only suggesting that for a lot of users (especially ones with bad habits, like password reuse) 2FA would help. I also think that even using 2FA lazily (i.e. on a single device) can still prevent things like phishing sites, clipboard malware and keyloggers from being able to easily steal and use your password.

Edit: Thanks @Z-tight for finding this thread! It seems that someone already attempted this in 2014 and even made some changes at theymos' request but it was never implemented.

Edit: I ended up tackling, and finishing this. Here's the topic about it: A concise 2FA/TOTP implementation (SMF patch).

[1713896777]

1713896777

[1713896777]

1713896777

[1713896777]

1713896777

[1713896777]

1713896777

[NeuroticFish]

1. Post an address that is yours and will ever be yours, maybe sign a message too with it. There's a topic about that, do the search. found it: https://bitcointalk.org/index.php?topic=996318.new#new
2. Whenever you do a trade, request that everything related to the trade is disregarded if it's not signed from that address.

This is it all. You don't need 2FA. Bitcoin offers the tools you need, you only have to start using them.


PS. 2FA is overrated. People tend to keep 2FA tool on the same devices as the browser or exchange/social media apps they use with 2FA.

[Little Mouse]

For such a big deal, I wouldn't trust a simple message from an account. Rather, I would look for a signed message from a bitcoin address. That's how we should use the forum. Will 2FA guarantee that the account won't compromise? Of course not. Someone may have the access to the device and misuse it.
Problem isn't with 2FA or anything else. We are the problem for ourselves. We must be more aware of the possible scenerio.

PS. 2FA is overrated. People tend to keep 2FA tool on the same devices as the browser or exchange/social media apps they use with 2FA.

Almost everyone does so. I can't remember if I have seen someone with a second device for the 2FA.

[Z-tight]

Theymos has this to say about it:

Bumping this again as I think this should be implemented before a year from now.

If someone wants to write a patch for it, I will seriously consider adding it. I believe that safely adding 2FA would be very time-consuming, so I'm not willing to do it myself or direct Slickage to do it.

[Charles-Tim]

1. Post an address that is yours and will ever be yours, maybe sign a message too with it.

This defeats the purpose of 2FA as Bitcointalk's account security purpose.

Almost everyone does so. I can't remember if I have seen someone with a second device for the 2FA.

But that does not change the fact that it is risky, having 2FA on the same device reduces the 2FA as a security because anyone that compromised your device might be able to compromised the accounts it is enabled. Having 2FA on another device is what that is recommended.

[NeuroticFish]

1. Post an address that is yours and will ever be yours, maybe sign a message too with it.

This defeats the purpose of 2FA for Bitcointalk's account security purpose.

This was the (my) point. Using Bitcoin address is the proper way on bitcointalk. And it's already there, nothing needs to be implemented/added, one has to just learn to use it (which is also not a big deal).

[Charles-Tim]

This was the (my) point. Using Bitcoin address is the proper way on bitcointalk. And it's already there, nothing needs to be implemented/added, one has to just learn to use it (which is also not a big deal).

Exactly, we are on the same page. Signing message with bitcoin address and post it in a thread on this forum defeats the need of 2FA on this forum as it can be used to know the original owner of a Bitcointalk account. I have noticed people that are loaning on this forum and other kind of businesses do not joke with message address signing or PGP, which is how it supposed to be.

[UserU]

Theymos has this to say about it:

Bumping this again as I think this should be implemented before a year from now.

If someone wants to write a patch for it, I will seriously consider adding it. I believe that safely adding 2FA would be very time-consuming, so I'm not willing to do it myself or direct Slickage to do it.

Unlike last time, integrating 2FA now takes a few clicks thanks to the abundance of such plugins, like the one below:



https://www.smfpacks.com/2fa/

Compatibility is another thing though, assuming it still supports this ancient relic.

[LoyceV]

One of the issues being raised there is the lack of 2FA on Bitcointalk:

I would argue the issue is the lack of making sure the trade can't go wrong in any possible way by the "most trusted" and "most used" escrows on Bitcointalk.

I strongly dislike having to use a different device to log in to any website, especially websites that I often use. There's no need to make using Bitcointalk more work, just because some people (who earn up to hundreds of dollars per transaction) can't guarantee the one thing an escrow should do: protect the innocent from the scammer.
Besides, 2FA will only stop a small part of the scams that take place here. Example: this case lost $30k.

[PowerGlove]

I would argue the issue is the lack of making sure the trade can't go wrong in any possible way by the "most trusted" and "most used" escrows on Bitcointalk.

I agree with that, and I'm not suggesting that 2FA is the "right" way to improve the security of anything (especially escrow). But wouldn't it be nice to (for example) make phishing impossible on Bitcointalk?

I strongly dislike having to use a different device to log in to any website, especially websites that I often use.

Yeah, me too! But I'm proposing optional 2FA so you wouldn't have to use it. Also, RFC 6238 is pretty well supported (i.e. lots of different choices for mobile and desktop authenticator apps, native support in some password managers, etc.) and doesn't require an additional device.

I'm guessing you use a password manager, and TOTP is already natively supported in a lot of them (like KeePassXC).

[Timelord2067]

So for eight years *no* *one* has lifted a finger to implement something that theymos said they'd implement if someone else created it?


There is on the other hand a small piece of code a user can add to the URL when logging in which kind of acts like a 2FA to avoid captcha purgatory at sign in.

[shahzadafzal]

Bitcoin doesn’t have 2FA.
Hence bitcointalk don’t need 2FA.
Your sincerely,
theymos

[UmerIdrees]

Bitcoin doesn’t have 2FA.
Hence bitcointalk don’t need 2FA.
Your sincerely,
theymos

Bitcoin does not need 2fa because the bitcoin private key compromises of 256-bit string of numbers and letters where as on the other hand there is no password policy for bitcointalk.    (no minimum or complex password mandatory thingy)

For me, I do like the current system which has no 2fa but everyone can show proof of ownership by signing a message in case if the hacker manages to crack the passord.

[shahzadafzal]

Bitcoin does not need 2fa because the bitcoin private key compromises of 256-bit string of numbers and letters where as on the other hand there is no password policy for bitcointalk.    (no minimum or complex password mandatory thingy)

For me, I do like the current system which has no 2fa but everyone can show proof of ownership by signing a message in case if the hacker manages to crack the passord.

Joking apart but Ctrl + C and Ctrl + V does not care about 256 or 512 or simple abc123

[masulum]

This forum does not require transactions and does not save our money, so what is 2FA for? In my opinion, the best security is from ourselves in the use of this forum.
- Reduce the activity of browsing unknown websites
- Don't just open the link on the forum or outside the forum especially from stranger
- Antivirus for the device (if needed), but also be careful when choosing AV
- Prepare a good password, strong, difficult to guess, 4 combinations (letters, numbers, capital, symbols).

This should be enough to secure the account. Let's see why theymos accounts or top user accounts have never been hacked, both don't use 2FA, right? Because they secure the account with their own method. LoyceV for example, he created account for PC and for Mobile. because he realized the importance of keeping his account secure. From him we can learn if not logging in on any device is important to secure our account.

[dkbit98]

2FA would be useful addition to bitcointalk forum but I would only use it optionally and I wouldn't allow connection with phone numbers.
Even better option would be adding support for hardware token FIDO authentication that is one of the most secure form of account protection and it's used by some exchanges and banks.
Down side for this is that you would have to buy hardware devices like YubiKey, so it's not free and you would have to buy two devices as backup.
Some hardware wallets also support FIDO, so they could be used as well.

[Casino Critique]

snip

It's a forum. Simple.
If I want to trade with anyone and it requires to send BTC to them or any sort of crypto, I will ask them to sign the bitcoin address they staked or sign a message using PGP fingerprint they have attached with the forum.
 

[stompix]

Bitcoin doesn’t have 2FA.
Hence bitcointalk don’t need 2FA.

This forum is centralized and run by an admin hence we should do the same with bitcoin!
See how this works?

[Lafu]

I would be love to be getting the 2FA option here on the Forum and i guess others also would be like the idea of it.
Means maybe less Account hacking would be going on then and it would be harder to get Accounts from Malwares and Phishing.
Also i think the Account recovery would be more easier , but i dont know .

Just my 2 cents

[Welsh]

2FA would be useful addition to bitcointalk forum but I would only use it optionally and I wouldn't allow connection with phone numbers.
Even better option would be adding support for hardware token FIDO authentication that is one of the most secure form of account protection and it's used by some exchanges and banks.
Down side for this is that you would have to buy hardware devices like YubiKey, so it's not free and you would have to buy two devices as backup.
Some hardware wallets also support FIDO, so they could be used as well.

Mobile phones I would hope would never be used, although they're probably better than nothing, but again there's a potential privacy issue to be had with that. However, the rest is good. Physical key although free, is by your discretion. Other than that, using a Bitcoin address, and automated system for verifying signatures would be the most logical approach. Although, that would probably be difficult to implement into the current software, and that's why I imagine it hasn't already been implemented, I take theymos has someone who cares about security, so I wouldn't have thought they'd be against two factor authentication.

It's probably the issue of implementing it correctly, and without introducing a tonne of new problems, and potentially breaking other things.