Topic: 2FA for Bitcoin-QT? (Read 2675 times)

I have integrated 2FA - Google with Qt wallet. If you would like to get source code. PM me.

I see the warning that this is over 120 days but this is very relevant and I did already start another post asking a similar question.  I want more discussion on this matter as I think it's hugely important do the more widespread adoption of bitcoin.

SgtSpike's query deserves more consideration.

here's my thoughts: https://bitcointalk.org/index.php?topic=935071.new#new

I don't see why 2FA can't fit into a wallet as an alternative to memorizing seeds.  2FA or some derivative may be essential to improving the bitcoin user experience in my opinion.

Yeah. I mean, raising the bar is a good idea, hence the wallet encryption (it knocks out some script kiddies).

But, once you assume an attacker has more skill than that, then there isn't much point spending time on solutions that won't work. You might as well aim for the top.

I see your point.  Sure, some methods might defend against some types of malware attacks, but what is the use of allowing the user to trust in those defenses if they cannot defend against all malware attacks?  It would simply give the defense method (and Bitcoin) a bad name.

No, there's no existing alternative. No, the alternatives you cite won't work. There are good reasons we're pursuing the path we are.

A little more helpfully, the threat model we're working towards is a completely malware compromised computer, in which the attacker has unlimited skill and control over the machine. This is a very strong threat model. In fact, it's one so strong that no existing financial system has ever managed to survive it. Even European banks that use hardware second factors aren't really resistant to this scenario because the devices they use have extremely limited I/O bandwidth (you have to manually type in codes) so it's possible for a virus author to rewrite IBAN codes to different ones and get you to sign a wire transfer to the wrong place.

In practice such viruses don't seem to crop up because wire transfers are very rare in the current banking system (they're extremely slow, awkward, expensive etc), so the banks don't have much incentive to fix it. Credit cards don't even try and survive this threat model, they just leak money all over the place. In person debit card transactions have secure hardware but assume a trusted merchant (they're not peer to peer).

So we're being very ambitious with this effort but it's the only approach that will put us on sure footing, long term.

I think you can see why the solutions you've proposed won't work given a malware compromised host. You really need the wallet to be controlled by a device that is secure, and the only known way to make such a thing is to severely limit its abilities. So, eg, smartphones can help a bit because they have more secure operating systems than desktops, but their huge abilities make it hard to secure them and lots of people have insecure smartphones as a result. A Trezor + authenticated payments s really the best possible solution.

Yes, I have read about that.  Very cool project!

I suppose my question is more along the lines of:
- Is there currently ANY 2FA for any of the installable wallets?
- Should we be looking at more than just a hardware wallet for 2FA?  Would a Yubikey be possible to use?  Email confirmation code?  Etc?

As an end user, I like having options, so I want to discuss/explore what options might be possible to implement.

See - payment protocol, Trezor.

2FA for desktop wallets is a project that has been in progress for many months now. And things are coming together nicely, but it's still nowhere near ready for launch yet.

Just curious... Bitcoin-QT has a password, sure, but what if you have a keylogger on your computer?  Is there any sort of 2FA available that works with Bitcoin-QT (or any of the other installable wallets)?  Or can we brainstorm ways to support 2FA that wouldn't be hackable via the same method (i.e., would defeat keyloggers)?  Yubikey support?  Hardware signatures?  Email confirmation codes?  Etc?