Bitcoin Forum
July 18, 2018, 05:28:37 AM *
News: Latest stable version of Bitcoin Core: 0.16.1  [Torrent]. (New!)
 
   Home   Help Search Donate Login Register  
Pages: [1] 2 »  All
  Print  
Author Topic: Does it exist a bitcoin wallet with 2FA?  (Read 2762 times)
cryptworld
Hero Member
*****
Offline Offline

Activity: 686
Merit: 500



View Profile
October 26, 2014, 05:49:06 PM
 #1

Does it exist a bitcoin wallet with 2FA?
I mean a software wallet that needs the password wallet and 2FA (with google auth for example) to send bitcoins
It would be awesome to have multibit tih 2FA for example
1531891717
Hero Member
*
Offline Offline

Posts: 1531891717

View Profile Personal Message (Offline)

Ignore
1531891717
Reply with quote  #2

1531891717
Report to moderator
1531891717
Hero Member
*
Offline Offline

Posts: 1531891717

View Profile Personal Message (Offline)

Ignore
1531891717
Reply with quote  #2

1531891717
Report to moderator
The World's Betting Exchange

Bet with play money. Win real Bitcoin. 5BTC Prize Fund for World Cup 2018.

Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1531891717
Hero Member
*
Offline Offline

Posts: 1531891717

View Profile Personal Message (Offline)

Ignore
1531891717
Reply with quote  #2

1531891717
Report to moderator
1531891717
Hero Member
*
Offline Offline

Posts: 1531891717

View Profile Personal Message (Offline)

Ignore
1531891717
Reply with quote  #2

1531891717
Report to moderator
bitllionaire
Legendary
*
Offline Offline

Activity: 1036
Merit: 1000


View Profile
October 26, 2014, 05:58:39 PM
 #2

take a look on this,it may be what you say
https://www.youtube.com/watch?v=-EKgFktOoWY


                                      ▄._       
                                       ▀█████████▀ 
                                     ,▄▓████████   
                                ╓▄▓███████████▀   
                           ╓▄▓███████▀╙.  ▀█     
                      ▄▄▓███████▀╙▄▄▄▄███         
                 ▄▄▓███████▀╙▄,  ▓███████         
           .▄▄▓██████▀▀╙▄▄▓████▌ ████████         
      .▄▄███████▀▀╙▄▄  ▐███████▌ ████████         
 .▄▄███████▀▀ ▐▄▄▓████ ▐███████▌ ████████         
╙█████▀▀▐▄▄▓  ████████ ▐███████▌ ████████         
 ╙▀ ▄▄▓█████  ████████ ▐███████▌ ████████         
    ████████  ████████ ▐███████▌ ████████         
    ████████  ████████ ▐███████▌ ████████             





AVAILABLE SPOTS

Members: 0
Full Members: 0
Senior Members: 3
Hero/Legendary Members: 2

(Participants will be enrolled based on their post quality and not on "first come, first served basis")




TWITTER CAMPAIGN SPECIFICS

We are currently looking for a maximum of 60 participants (with followers ranging between 500 & 10000) for this campaign.


FIXED CAMPAIGN RATES

500 - 3000 Followers: 0.0002BTC / week

3001 - 5000 Followers: 0.0004BTC / week

5001+ Followers: 0.0008BTC / week


TERMS & CONDITIONS


1. Twitter account must be at least 5 months old, prior to start of this bounty campaign.
2. Account must have at least 500 real followers, verified via: https://www.twitteraudit.com
3. Locked/Private/Suspended Twitter accounts and tweets will not be accepted.
4. Tweets about Adconity must contain a hashtag #ADconity and this link: https://adconity.com
5. Retweet only the tweets made by Adconity's Twitter Account (https://twitter.com/adconity_com).
6. Minimum of 4 tweets and 2 retweets per week is necessary to qualify for weekly payments.
7. Participants can enroll with 1 Twitter account only. Entries with multiple twitter accounts will not be accepted.
8. Reports must be submitted within every week's timeline. Entries after deadline will be rejected.
9. Always check the list of accepted participants in the spreadsheet. Only accepted participants will be paid eventually.
10. ADConity reserves the right to change the rules or campaign rates at any point of time.


STEPS FOR ENROLLMENT


1. Follow Adconity's Twitter Account: https://twitter.com/adconity_com
2. Fill up the registration form: https://goo.gl/forms/M0woqLzY6GYH13n23
3. Check the spreadsheet to confirm your application status.
4. Submit weekly reports in this thread with the following format:

Code:
Twitter Account link:
Twitter Audit Link:
Week Number:

Tweets:
1.
2.
3.
4.

Retweets:
1.
2.
Report to moderator 
▄▄▄▄
▐████▌
▀██▀
▐▌
▄██▄
▄▄▄▄ ▐████▌ ▄▄▄▄
▐████▌ ▀▀▀▀ ▐████▌
████  ▄▄▄▄  ████
▐████▌
▄▄▄▄        ▄▄▄▄  ▀██▀  ▄▄▄▄        ▄▄▄▄
▐████▌      ▐████▌  ▐▌  ▐████▌      ▐████▌
▀██▀  ▄▄▄▄  ▀██▀  ▄██▄
HeroCat
Hero Member
*****
Offline Offline

Activity: 658
Merit: 500


View Profile
October 26, 2014, 06:29:45 PM
 #3

Only online wallets have 2FA, about offline I do not heard yet  Wink
Trezor is exactly for you, check out  Grin
cp1
Hero Member
*****
Offline Offline

Activity: 616
Merit: 500


Stop using branwallets


View Profile
October 26, 2014, 06:32:57 PM
 #4

I'm not sure if that would matter because if they have access to your computer then they can decrypt your private keys with just your password.  Is there a 2-factor decryption protocol somewhere?

Guide to armory offline install on USB key:  https://bitcointalk.org/index.php?topic=241730.0
bitllionaire
Legendary
*
Offline Offline

Activity: 1036
Merit: 1000


View Profile
October 26, 2014, 11:31:16 PM
 #5

I'm not sure if that would matter because if they have access to your computer then they can decrypt your private keys with just your password.  Is there a 2-factor decryption protocol somewhere?
Now they can decrypt your private keys with just your password
2FA is just another layer of security


                                      ▄._       
                                       ▀█████████▀ 
                                     ,▄▓████████   
                                ╓▄▓███████████▀   
                           ╓▄▓███████▀╙.  ▀█     
                      ▄▄▓███████▀╙▄▄▄▄███         
                 ▄▄▓███████▀╙▄,  ▓███████         
           .▄▄▓██████▀▀╙▄▄▓████▌ ████████         
      .▄▄███████▀▀╙▄▄  ▐███████▌ ████████         
 .▄▄███████▀▀ ▐▄▄▓████ ▐███████▌ ████████         
╙█████▀▀▐▄▄▓  ████████ ▐███████▌ ████████         
 ╙▀ ▄▄▓█████  ████████ ▐███████▌ ████████         
    ████████  ████████ ▐███████▌ ████████         
    ████████  ████████ ▐███████▌ ████████             





AVAILABLE SPOTS

Members: 0
Full Members: 0
Senior Members: 3
Hero/Legendary Members: 2

(Participants will be enrolled based on their post quality and not on "first come, first served basis")




TWITTER CAMPAIGN SPECIFICS

We are currently looking for a maximum of 60 participants (with followers ranging between 500 & 10000) for this campaign.


FIXED CAMPAIGN RATES

500 - 3000 Followers: 0.0002BTC / week

3001 - 5000 Followers: 0.0004BTC / week

5001+ Followers: 0.0008BTC / week


TERMS & CONDITIONS


1. Twitter account must be at least 5 months old, prior to start of this bounty campaign.
2. Account must have at least 500 real followers, verified via: https://www.twitteraudit.com
3. Locked/Private/Suspended Twitter accounts and tweets will not be accepted.
4. Tweets about Adconity must contain a hashtag #ADconity and this link: https://adconity.com
5. Retweet only the tweets made by Adconity's Twitter Account (https://twitter.com/adconity_com).
6. Minimum of 4 tweets and 2 retweets per week is necessary to qualify for weekly payments.
7. Participants can enroll with 1 Twitter account only. Entries with multiple twitter accounts will not be accepted.
8. Reports must be submitted within every week's timeline. Entries after deadline will be rejected.
9. Always check the list of accepted participants in the spreadsheet. Only accepted participants will be paid eventually.
10. ADConity reserves the right to change the rules or campaign rates at any point of time.


STEPS FOR ENROLLMENT


1. Follow Adconity's Twitter Account: https://twitter.com/adconity_com
2. Fill up the registration form: https://goo.gl/forms/M0woqLzY6GYH13n23
3. Check the spreadsheet to confirm your application status.
4. Submit weekly reports in this thread with the following format:

Code:
Twitter Account link:
Twitter Audit Link:
Week Number:

Tweets:
1.
2.
3.
4.

Retweets:
1.
2.
Report to moderator 
▄▄▄▄
▐████▌
▀██▀
▐▌
▄██▄
▄▄▄▄ ▐████▌ ▄▄▄▄
▐████▌ ▀▀▀▀ ▐████▌
████  ▄▄▄▄  ████
▐████▌
▄▄▄▄        ▄▄▄▄  ▀██▀  ▄▄▄▄        ▄▄▄▄
▐████▌      ▐████▌  ▐▌  ▐████▌      ▐████▌
▀██▀  ▄▄▄▄  ▀██▀  ▄██▄
cbeast
Donator
Legendary
*
Offline Offline

Activity: 1736
Merit: 1000

Let's talk governance, lipstick, and pigs.


View Profile
October 27, 2014, 12:12:35 AM
 #6

Even better, the Trezor uses air gapped offline security. That should become the standard for Bitcoin.

Any significantly advanced cryptocurrency is indistinguishable from Ponzi Tulips.
opossum
Hero Member
*****
Offline Offline

Activity: 932
Merit: 1000


View Profile
October 27, 2014, 12:29:48 AM
 #7

There is blockchain.info that does allow 2FA to access the wallet. Although you can potentially get around the 2FA if you contact blockchain.info and can prove your identity to their standards.

I also believe that you can get around their 2FA requirements by importing a backup of the wallet into a new wallet.

2FA is really not good for wallet security as all that 2FA does is rely on a 'trusted' third party to only give someone access when they can enter a code that is delivered to a device. This essentially means that you must give up access to the private keys to a third party, which in itself is a bad security practice.


 
         ▄▄█████████▄▄
      ▄█████████████████▄
   ▄████▀            ▀████▄
  █████                █████▄
 ███████████████████████████▄
████▀▀▀▀▀▀▀████████▀▀▀▀▀▀▀███▄
████        ██████        ████
████        ██████        ████
████        ██████        ████
████        ██████        ████
 ████▄      ██████      ▄████
  ▀████     ██████    ▄████▀
    ▀████▄▄▄██████▄▄▄████▀
      ▀▀██████████████▀▀
TIDEX



p2pbucks
Hero Member
*****
Offline Offline

Activity: 652
Merit: 500


Evolution is the only way to survive


View Profile WWW
October 27, 2014, 02:11:51 AM
 #8

1. BIP38 address : encrypt privkey with a password http://cryptocoinjs.com/modules/currency/bip38/
2. multisignature : you can use pubkeys to create a multisignature address  https://gist.github.com/gavinandresen/3966071
opossum
Hero Member
*****
Offline Offline

Activity: 932
Merit: 1000


View Profile
October 28, 2014, 05:33:48 AM
 #9

1. BIP38 address : encrypt privkey with a password http://cryptocoinjs.com/modules/currency/bip38/
2. multisignature : you can use pubkeys to create a multisignature address  https://gist.github.com/gavinandresen/3966071
2 - I would warn people against trying to use multi sig addresses that do not know what they are doing as if you mess something up you can potentially lose access to your funds (a likely scenario is that you cannot figure out how to sign/broadcast a TX that you wish to broadcast and you do not have anyone you can sufficiently trust to help you)


 
         ▄▄█████████▄▄
      ▄█████████████████▄
   ▄████▀            ▀████▄
  █████                █████▄
 ███████████████████████████▄
████▀▀▀▀▀▀▀████████▀▀▀▀▀▀▀███▄
████        ██████        ████
████        ██████        ████
████        ██████        ████
████        ██████        ████
 ████▄      ██████      ▄████
  ▀████     ██████    ▄████▀
    ▀████▄▄▄██████▄▄▄████▀
      ▀▀██████████████▀▀
TIDEX



Nrcewker
Copper Member
Hero Member
*****
Offline Offline

Activity: 665
Merit: 500


Geek UAV Pilot


View Profile WWW
October 28, 2014, 06:13:50 AM
 #10

even 2FA is not absolutely perfect, it has its weakness.

                     ▓█████████████▓                       
                 ▓███▓██  █████████▓███▓▒                 
              ▓██▓▒▓█▓▒ ▒▒▓▓████████████▓██               
            ▓██▓▒  ▒█▓▓▓██████████████▓▒▒▒▓█▓             
           ███▓█▒▓█▓▒▒▓▓█████████████████  ███             
         ▓█▓▒▒▒█▓▓   ▓█▓█▓█████████████      ███           
        ▓█▒▒▒▒  █▓███▒▒▒▒▓▓█▓██████████       ███         
        ██▒▒▒▒   ▓██▓▒▒▓█▓▒▒▒▒▓▒▓▒█▒▓▒     ██▓ ▒█         
       ██▒▒▓▓▒     ▒▒▒▓▓▓▓▒▓▒▒▒▒▒▒▒▒▒           ▓█         
       █▓▒▒▓▓▒     ▒█▒▓▓▒▓▒▓▒▒▓▒▓▒▒▓▒▓         ▒▒█         
      ▓█▓█         █▓████████████████▓        ████▓       
      ▓█▓█       ███▓████████████████▓       █████▓       
       █▓█      ████▓████████████████▓     █▓▓████         
       ▓██ █████████▓████████████████▓▓▓  ██▓███▓█         
        ██ ▓█▓██████▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓█▓▓▓███████▓█         
         ██  ████████▓▓▓▓▓▓▓███████████▓██▓██████         
          █▓██████████████████ ██▓██   ███▓██▓█▓           
           ██████████████████    ▓▓█▓▓█████▓██▓           
            ▓███████▓██████       ███▓██████▓             
               ██▓██████████▓▓██    ██▓███▓               
                 ▓███▓██████     ██▓███▓█                 
                     ▓████████████▓▓                       
 
►  Telegram
►  Twitter
►  Facebook
LFC_Bitcoin
Copper Member
Legendary
*
Offline Offline

Activity: 1414
Merit: 1102


★777Coin.com★ Fun BTC Casino!


View Profile
October 28, 2014, 06:38:23 AM
 #11

Blockchain.info has 2FA.
Nobody can get into your wallet that way as far as I'm aware.

It'd be very difficult to any way.

Sutters Mill
Hero Member
*****
Offline Offline

Activity: 711
Merit: 506

Cryptophile at large


View Profile
October 28, 2014, 08:37:29 AM
 #12

Aside from blockchain.info I don't believe there is any computer wallets with 2-factor, but I wish there was. Maybe someone should develop one. It's far too easy for those who are less tech-savvy to have their bitcoins stolen and this will hamper mainstream adoption in my opinion.
Eeminia
Newbie
*
Offline Offline

Activity: 24
Merit: 0


View Profile
October 28, 2014, 09:12:00 AM
 #13

even 2FA is not absolutely perfect, it has its weakness.

quite agree.
young3dvard
Full Member
***
Offline Offline

Activity: 193
Merit: 100


View Profile
October 28, 2014, 09:19:47 AM
 #14

Trezor is better alternative to 2FA, but the main disadvantage is the Trezor price.

funtotry
Sr. Member
****
Offline Offline

Activity: 420
Merit: 250


Ever wanted to run your own casino? PM me for info


View Profile
October 28, 2014, 09:12:38 PM
 #15

1. BIP38 address : encrypt privkey with a password http://cryptocoinjs.com/modules/currency/bip38/
I don't think this would quite qualify as 2FA as there is no second authentication method with BIP38, all that you would need is the password to the BIP38 paper wallet (and the paper wallet itself) and you would have access to the funds in the wallet.

2FA is when you need a password + some code that is generated/sent to you via means other then when you login

cp1
Hero Member
*****
Offline Offline

Activity: 616
Merit: 500


Stop using branwallets


View Profile
October 29, 2014, 04:43:54 AM
 #16

You could at least encrypt your wallet with truecrypt (password and smartcard) I guess.

Guide to armory offline install on USB key:  https://bitcointalk.org/index.php?topic=241730.0
Eisenhower34
Legendary
*
Offline Offline

Activity: 894
Merit: 1000



View Profile
October 29, 2014, 05:44:18 AM
 #17

Trezor is better alternative to 2FA, but the main disadvantage is the Trezor price.


I would disagree. Trezor wallets will not give you a lot of protection if someone gains physical access to your wallet file (or your Trezor in this example) then you will not be very well protected (this is the point of wanting to have 2FA).

There are not any wallet services that both allow you to access your private keys and offer 2FA protection - access to your private keys essentially means that no one can deny you access to your keys - which is what 2FA essentially does if you cannot complete the 2FA process.

If you want to use 2FA then you must give up access to your private keys, if you agree to this then you could use a service like circle or coinbase (or many/most exchanges)
deepceleron
Legendary
*
Offline Offline

Activity: 1512
Merit: 1000



View Profile WWW
October 29, 2014, 06:38:44 AM
 #18

2FA is really not good for wallet security as all that 2FA does is rely on a 'trusted' third party to only give someone access when they can enter a code that is delivered to a device. This essentially means that you must give up access to the private keys to a third party, which in itself is a bad security practice.

This is a very good summation of the issue. If you use a wallet that is not completely and solely under your control, you're gonna have a bad time. If your Bitcoin keys are on another service - if signing transactions happens anywhere else but on your computer - then you are vulnerable to attack.

Internet two-factor authentication schemes prevent simple password-stealing attacks, but assume a secure unalterable communication channel, which is a bad assumption. SMS codes, challenge-response, time-based one-time passwords, yubikey, all can be proxied by an attacker and instantly replayed to the actual service.

Secure communications require encrypted and signed channels, such as done through a Java smart card provided by the internet service, which relies on the device also not being security-degraded by secret arrangement with a three-letter agency.

Look at blockchain.info wallets - in theory secure, but in practice any man-in-the-middle (such as a Tor exit node, your VPN company, hacked service home page with injection, or government tapping/redirecting the connection) or even man-on-the-side (with the poor security of https encryption) can intercept your communication with the service and steal your credentials, secrets, and Bitcoins. Since the something-you-have also goes over the wire, this provides very little security to an attacker in these positions.

With Bitcoin, you must be your own bank. You cannot ask for a refund when you are defrauded.

Real personal two-factor relies on something you have along with something you know. Something you know is your password to the encrypted wallet. Something you have is your local computer with the Bitcoin wallet. If someone else doesn't have both of these, they can't send Bitcoins.

Another layer of something-you-have/something-you-know can be a two-layered encryption scheme for accessing the local device. An example would be a smart card OS drive encryption in combination with a password-based hardware drive encryption.

A further layer would be to use a TPM module for OS full disk encryption, this requires something you know (password to unlock TPM) and something you have (motherboard/system TPM) to access the drive. The drive separated from the security device is also useless.

If you want another layer of security, lock every Bitcoin wallet storage device or computer in a safe. Then to access it you need something you have (a safe, a key) and something you know (a combination).
galaxyhero
Member
**
Offline Offline

Activity: 82
Merit: 10


View Profile
October 29, 2014, 07:53:07 AM
 #19

2FA is as unsafe as troditional verification. It must trust the third party as you use it. password may be decrypted.
Eisenhower34
Legendary
*
Offline Offline

Activity: 894
Merit: 1000



View Profile
October 29, 2014, 08:02:10 AM
 #20

As I think about this question more, I think there is theoretically a solution. You could possibly use a multi-sig address with two, very trusted people (who do not know each-other - nor do they know that they both know you) to hold two of the m - of - n private keys, with m being two and n being three.

They would need to agree to only sign a transaction if they speak to you personally from a specific phone number or in person.

This would still involve the trusting of a third party, however you are able to use your judgment as to who you should trust and can hopefully make the right call if you have known them for a long time 
Pages: [1] 2 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!