Topic: Does it exist a bitcoin wallet with 2FA? (Read 2877 times)

full member
Activity: 195
Merit: 104
September 10, 2016, 06:01:45 AM
#26
Hello all,


Check out the vTorrent client if anybody is still looking for 2FA for Bitcoin-QT.

https://github.com/vtorrent/vTorrent-Client/releases/tag/0.8.1



Regards,

vTorrent
member
Activity: 87
Merit: 10
October 30, 2014, 08:36:45 AM
#25
2FA is as unsafe as traditional verification. It must trust the third party as you use it. Password may be decrypted.

Why can you say that? Traditional in what way?
hero member
Activity: 807
Merit: 500
October 30, 2014, 04:54:59 AM
#24
trezor will allow you to recover your wallet if you lose your trezor with your secret seed.

I think his point is that once you have access to the trezor wallet, all that you need to spend coins in your wallet is your pin/password (which is essentially the same as a password to decrypt an encrypted file). If you do not need to receive anything from a device that is separate from your computer then you are very much not using 2fa, but are rather using a password.

I am not sure what your logic is behind your statement regarding entering a static token into your computer being better than traditional 2fa
Traditional 2fa requires a third party.  A hacker who keylogs can log the password to your bitcoin wallet and your e-mail, making 2fa that uses e-mail worthless.  Trezor's PIN is never visible to a computer, so malware cannot steal it.  I was wrong in suggesting that it was entered on the Trezor, but the way it is entered on a computer would only give a click+screenshot recording malware minimal information, if that.  Specifically, the PIN pad is blank and random, so you enter your PIN by clicking blank keys on-screen while looking at numbers only visible on the Trezor.  If the random order of the keys does not change during entry and your PIN uses the same number more than once, then such malware could confirm that your PIN uses the same number x times.  That having been said, Trezor can use only a PIN, and then someone could theoretically steal your hardware wallet or secret seed and guess your PIN to steal funds.  However, even this requires physical access and bruteforcing instead of malware.  More importantly, you can also use a password, which is entered on the computer and unknown by the Trezor, so if you do that, the password is necessary as well as physical possession of the Trezor or secret seed (which I am referring to as the second factor), and someone who has access to your Trezor could steal any other 2FA device just as easily.  As such, it is better than the "enter a random code from your e-mail" method of 2FA, which doesn't protect you from malware at all, and I don't see how it is any less secure than "enter a code from a token" 2FA since all that is needed to break that is for something physical to be stolen from you, which is equal to what is needed to spend from the Trezor.  Beyond that, many financial services including banks in the US don't require (or even offer) your definition of 2FA.
I think there is legislation that says they must use 2FA, and they simply ask you the answer to random security questions (from a very small list) after your password is entered.  Worse, those questions are often multiple choice.  The answers to most "security questions" are definitely less secure than a PIN, especially when multiple choice is involved.  So unless I am wrong about some legislation requiring financial services to use 2FA, either a lot of financial services are breaking the law or the possession of a PIN and password secured Trezor would meet or exceed said legislation's legal definition of 2FA.
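Added example, not part of the thread and not Trezor's code: a small Python model of the blank, scrambled PIN pad described in post #24, showing what a host-side click recorder sees and what the repeated-digit pattern gives away. The 3x3 pad with digits 1-9, the sample PIN and all function names are assumptions made for the illustration.

```python
import secrets

DIGITS = "123456789"  # assumption: a 3x3 pad holding the digits 1-9


def new_layout(rng=None):
    """Device side: random digit order; layout[i] is the digit shown at cell i.
    Only the device screen displays it; the host grid stays blank."""
    cells = list(DIGITS)
    (rng or secrets.SystemRandom()).shuffle(cells)
    return cells


def clicks_for_pin(pin, layout):
    """Host side: the cell indexes the user clicks. This is all that
    click-and-screenshot malware on the computer can record."""
    return [layout.index(d) for d in pin]


def repeat_pattern(clicks):
    """Equality pattern of one entry, e.g. [1, 7, 3, 1] -> [0, 1, 2, 0].
    It survives because the layout stays fixed during a single entry."""
    seen = {}
    return [seen.setdefault(c, len(seen)) for c in clicks]


def consistent_pins(clicks):
    """How many PINs match one observed entry when the layout is unknown:
    each distinct cell may hide any digit not already assigned."""
    count = 1
    for i in range(len(set(clicks))):
        count *= len(DIGITS) - i
    return count


if __name__ == "__main__":
    pin = "1231"  # constructed sample PIN with one repeated digit
    for session in range(3):
        clicks = clicks_for_pin(pin, new_layout())
        print(session, clicks, repeat_pattern(clicks), consistent_pins(clicks))
    print("all 4-digit PINs:", len(DIGITS) ** len(pin))
```

The clicked cells change from session to session, so the recording cannot be replayed, while the equality pattern stays the same and narrows the space from 6561 to 504 candidates for this sample PIN.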
hero member
Activity: 686
Merit: 500
October 29, 2014, 07:51:01 PM
#23
Trezor is better alternative to 2FA, but the main disadvantage is the Trezor price.


I would disagree. Trezor wallets will not give you a lot of protection if someone gains physical access to your wallet file (or your Trezor in this example) then you will not be very well protected (this is the point of wanting to have 2FA).

There are not any wallet services that both allow you to access your private keys and offer 2FA protection - access to your private keys essentially means that no one can deny you access to your keys - which is what 2FA essentially does if you cannot complete the 2FA process.

If you want to use 2FA then you must give up access to your private keys, if you agree to this then you could use a service like circle or coinbase (or many/most exchanges)
Have you actually read about Trezor?  From what I've read, the wallet is only on the device, and at the very least, a PIN (entered on the device) is needed to spend from it.  It is possible to also require a password (definitely entered on the computer) to spend from it.  I think that probably actually qualifies as 2FA but is even better than most.  Typically, for 2FA, you enter your password and the second factor that you receive via a separate conduit (that is sometimes on the same computer) both through the computer.  In this case, the second factor isn't random (so you don't need to receive it), but it isn't entered on the computer (so malware can't collect it).  Technically, there is also a paper backup to regenerate the wallet on a replacement Trezor, but the PIN and password are required for that to work, too.  I may not be remembering exactly right, and the configuration step may be a weak point if I am remembering incorrectly.  Moreover, persons could argue that it isn't 2FA, but "physical access to your wallet file" doesn't seem like a real possibility on a Trezor unless the device can be taken apart and the wallet data extracted from it.  I'm not sure whether or not this is possible without a password (PIN may be used for basic encryption), but it would certainly be less possible with a password since the Trezor doesn't know or use the password (computer deals with that, I think via encryption on the Trezor).
trezor will allow you to recover your wallet if you lose your trezor with your secret seed.

I think his point is that once you have access to the trezor wallet, all that you need to spend coins in your wallet is your pin/password (which is essentially the same as a password to decrypt an encrypted file). If you do not need to receive anything from a device that is separate from your computer then you are very much not using 2fa, but are rather using a password.

I am not sure what your logic is behind your statement regarding entering a static token into your computer being better than traditional 2fa
hero member
Activity: 807
Merit: 500
October 29, 2014, 05:13:05 AM
#22
Trezor is better alternative to 2FA, but the main disadvantage is the Trezor price.


I would disagree. Trezor wallets will not give you a lot of protection if someone gains physical access to your wallet file (or your Trezor in this example) then you will not be very well protected (this is the point of wanting to have 2FA).

There are not any wallet services that both allow you to access your private keys and offer 2FA protection - access to your private keys essentially means that no one can deny you access to your keys - which is what 2FA essentially does if you cannot complete the 2FA process.

If you want to use 2FA then you must give up access to your private keys, if you agree to this then you could use a service like circle or coinbase (or many/most exchanges)
Have you actually read about Trezor?  From what I've read, the wallet is only on the device, and at the very least, a PIN (entered on the device) is needed to spend from it.  It is possible to also require a password (definitely entered on the computer) to spend from it.  I think that probably actually qualifies as 2FA but is even better than most.  Typically, for 2FA, you enter your password and the second factor that you receive via a separate conduit (that is sometimes on the same computer) both through the computer.  In this case, the second factor isn't random (so you don't need to receive it), but it isn't entered on the computer (so malware can't collect it).  Technically, there is also a paper backup to regenerate the wallet on a replacement Trezor, but the PIN and password are required for that to work, too.  I may not be remembering exactly right, and the configuration step may be a weak point if I am remembering incorrectly.  Moreover, persons could argue that it isn't 2FA, but "physical access to your wallet file" doesn't seem like a real possibility on a Trezor unless the device can be taken apart and the wallet data extracted from it.  I'm not sure whether or not this is possible without a password (PIN may be used for basic encryption), but it would certainly be less possible with a password since the Trezor doesn't know or use the password (computer deals with that, I think via encryption on the Trezor).
donator
Activity: 1736
Merit: 1014
Let's talk governance, lipstick, and pigs.
October 29, 2014, 04:59:24 AM
#21
2FA is really not good for wallet security as all that 2FA does is rely on a 'trusted' third party to only give someone access when they can enter a code that is delivered to a device. This essentially means that you must give up access to the private keys to a third party, which in itself is a bad security practice.

This is a very good summation of the issue. If you use a wallet that is not completely and solely under your control, you're gonna have a bad time. If your Bitcoin keys are on another service - if signing transactions happens anywhere else but on your computer - then you are vulnerable to attack.

Internet two-factor authentication schemes prevent simple password-stealing attacks, but assume a secure unalterable communication channel, which is a bad assumption. SMS codes, challenge-response, time-based one-time passwords, yubikey, all can be proxied by an attacker and instantly replayed to the actual service.

Secure communications require encrypted and signed channels, such as done through a Java smart card provided by the internet service, which relies on the device also not being security-degraded by secret arrangement with a three-letter agency.

Look at blockchain.info wallets - in theory secure, but in practice any man-in-the-middle (such as a Tor exit node, your VPN company, hacked service home page with injection, or government tapping/redirecting the connection) or even man-on-the-side (with the poor security of https encryption) can intercept your communication with the service and steal your credentials, secrets, and Bitcoins. Since the something-you-have also goes over the wire, this provides very little security to an attacker in these positions.

With Bitcoin, you must be your own bank. You cannot ask for a refund when you are defrauded.

Real personal two-factor relies on something you have along with something you know. Something you know is your password to the encrypted wallet. Something you have is your local computer with the Bitcoin wallet. If someone else doesn't have both of these, they can't send Bitcoins.

Another layer of something-you-have/something-you-know can be a two-layered encryption scheme for accessing the local device. An example would be a smart card OS drive encryption in combination with a password-based hardware drive encryption.

A further layer would be to use a TPM module for OS full disk encryption, this requires something you know (password to unlock TPM) and something you have (motherboard/system TPM) to access the drive. The drive separated from the security device is also useless.

If you want another layer of security, lock every Bitcoin wallet storage device or computer in a safe. Then to access it you need something you have (a safe, a key) and something you know (a combination).
This covers it well. Wallets (online or not) don't need access to your keys, they only need the authority to broadcast signed transactions.
legendary
Activity: 906
Merit: 1002
October 29, 2014, 03:02:10 AM
#20
As I think about this question more, I think there is theoretically a solution. You could possibly use a multi-sig address with two, very trusted people (who do not know each other - nor do they know that they both know you) to hold two of the m-of-n private keys, with m being two and n being three.

They would need to agree to only sign a transaction if they speak to you personally from a specific phone number or in person.

This would still involve the trusting of a third party, however you are able to use your judgment as to who you should trust and can hopefully make the right call if you have known them for a long time 
member
Activity: 82
Merit: 10
October 29, 2014, 02:53:07 AM
#19
2FA is as unsafe as traditional verification. It must trust the third party as you use it. Password may be decrypted.
legendary
Activity: 1512
Merit: 1036
October 29, 2014, 01:38:44 AM
#18
2FA is really not good for wallet security as all that 2FA does is rely on a 'trusted' third party to only give someone access when they can enter a code that is delivered to a device. This essentially means that you must give up access to the private keys to a third party, which in itself is a bad security practice.

This is a very good summation of the issue. If you use a wallet that is not completely and solely under your control, you're gonna have a bad time. If your Bitcoin keys are on another service - if signing transactions happens anywhere else but on your computer - then you are vulnerable to attack.

Internet two-factor authentication schemes prevent simple password-stealing attacks, but assume a secure unalterable communication channel, which is a bad assumption. SMS codes, challenge-response, time-based one-time passwords, yubikey, all can be proxied by an attacker and instantly replayed to the actual service.

Secure communications require encrypted and signed channels, such as done through a Java smart card provided by the internet service, which relies on the device also not being security-degraded by secret arrangement with a three-letter agency.

Look at blockchain.info wallets - in theory secure, but in practice any man-in-the-middle (such as a Tor exit node, your VPN company, hacked service home page with injection, or government tapping/redirecting the connection) or even man-on-the-side (with the poor security of https encryption) can intercept your communication with the service and steal your credentials, secrets, and Bitcoins. Since the something-you-have also goes over the wire, this provides very little security to an attacker in these positions.

With Bitcoin, you must be your own bank. You cannot ask for a refund when you are defrauded.

Real personal two-factor relies on something you have along with something you know. Something you know is your password to the encrypted wallet. Something you have is your local computer with the Bitcoin wallet. If someone else doesn't have both of these, they can't send Bitcoins.

Another layer of something-you-have/something-you-know can be a two-layered encryption scheme for accessing the local device. An example would be a smart card OS drive encryption in combination with a password-based hardware drive encryption.

A further layer would be to use a TPM module for OS full disk encryption, this requires something you know (password to unlock TPM) and something you have (motherboard/system TPM) to access the drive. The drive separated from the security device is also useless.

If you want another layer of security, lock every Bitcoin wallet storage device or computer in a safe. Then to access it you need something you have (a safe, a key) and something you know (a combination).
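Added example, not part of the thread: seen from the service's side, a time-based one-time code (RFC 6238) depends only on the shared secret and the current time step, so the check cannot tell which connection delivered it, whereas a tag computed over the transaction fields stops verifying once a field changes. The HMAC tag stands in for a locally made signature; SECRET, T0, TX, the placeholder addresses and the helper names are constructed for the illustration.

```python
import hashlib
import hmac
import json
import struct


def totp(secret: bytes, unix_time: int, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP (HMAC-SHA1): a function of the shared secret and the
    current time step only."""
    counter = struct.pack(">Q", unix_time // step)
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def service_accepts_code(secret: bytes, code: str, now: int) -> bool:
    """Service-side check (current step only). Nothing in it identifies the
    connection or party that delivered the code."""
    return hmac.compare_digest(code, totp(secret, now))


def tx_tag(key: bytes, tx: dict) -> str:
    """Stand-in for a local signature: a MAC over the transaction fields."""
    body = json.dumps(tx, sort_keys=True).encode()
    return hmac.new(key, body, hashlib.sha256).hexdigest()


def service_accepts_tx(key: bytes, tx: dict, tag: str) -> bool:
    """Accept only if the tag covers exactly the transaction that arrived."""
    return hmac.compare_digest(tag, tx_tag(key, tx))


# Constructed sample values (not from the thread)
SECRET = b"constructed-shared-secret"
T0 = 1_414_546_710  # start of a 30-second time step
TX = {"to": "ADDRESS_A_PLACEHOLDER", "amount_btc": "0.5"}

if __name__ == "__main__":
    code = totp(SECRET, T0 + 3)
    # Same step: accepted regardless of the path the code took to the service.
    print(service_accepts_code(SECRET, code, T0 + 8))
    tag = tx_tag(SECRET, TX)
    changed = dict(TX, to="ADDRESS_B_PLACEHOLDER")
    # The tag verifies for the original fields and fails for altered ones.
    print(service_accepts_tx(SECRET, TX, tag),
          service_accepts_tx(SECRET, changed, tag))
```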
legendary
Activity: 906
Merit: 1002
October 29, 2014, 12:44:18 AM
#17
Trezor is better alternative to 2FA, but the main disadvantage is the Trezor price.


I would disagree. Trezor wallets will not give you a lot of protection if someone gains physical access to your wallet file (or your Trezor in this example) then you will not be very well protected (this is the point of wanting to have 2FA).

There are not any wallet services that both allow you to access your private keys and offer 2FA protection - access to your private keys essentially means that no one can deny you access to your keys - which is what 2FA essentially does if you cannot complete the 2FA process.

If you want to use 2FA then you must give up access to your private keys, if you agree to this then you could use a service like circle or coinbase (or many/most exchanges)
cp1
hero member
Activity: 616
Merit: 500
Stop using branwallets
October 28, 2014, 11:43:54 PM
#16
You could at least encrypt your wallet with truecrypt (password and smartcard) I guess.
sr. member
Activity: 420
Merit: 250
Ever wanted to run your own casino? PM me for info
October 28, 2014, 04:12:38 PM
#15
1. BIP38 address : encrypt privkey with a password http://cryptocoinjs.com/modules/currency/bip38/
I don't think this would quite qualify as 2FA as there is no second authentication method with BIP38, all that you would need is the password to the BIP38 paper wallet (and the paper wallet itself) and you would have access to the funds in the wallet.

2FA is when you need a password + some code that is generated/sent to you via means other than when you login
full member
Activity: 193
Merit: 100
October 28, 2014, 04:19:47 AM
#14
Trezor is better alternative to 2FA, but the main disadvantage is the Trezor price.

newbie
Activity: 24
Merit: 0
October 28, 2014, 04:12:00 AM
#13
Even 2FA is not absolutely perfect, it has its weakness.

Quite agree.
hero member
Activity: 976
Merit: 575
Cryptophile at large
October 28, 2014, 03:37:29 AM
#12
Aside from blockchain.info I don't believe there are any computer wallets with 2-factor, but I wish there was. Maybe someone should develop one. It's far too easy for those who are less tech-savvy to have their bitcoins stolen and this will hamper mainstream adoption in my opinion.
legendary
Activity: 3556
Merit: 9709
#1 VIP Crypto Casino
October 28, 2014, 01:38:23 AM
#11
Blockchain.info has 2FA.
Nobody can get into your wallet that way as far as I'm aware.

It'd be very difficult to anyway.
copper member
Activity: 2268
Merit: 539
LuckyDiamond.io - FLAT 50% Deposit Bonus!
October 28, 2014, 01:13:50 AM
#10
Even 2FA is not absolutely perfect, it has its weakness.
hero member
Activity: 924
Merit: 1000
October 28, 2014, 12:33:48 AM
#9
1. BIP38 address : encrypt privkey with a password http://cryptocoinjs.com/modules/currency/bip38/
2. multisignature : you can use pubkeys to create a multisignature address  https://gist.github.com/gavinandresen/3966071
2 - I would warn people against trying to use multi sig addresses that do not know what they are doing as if you mess something up you can potentially lose access to your funds (a likely scenario is that you cannot figure out how to sign/broadcast a TX that you wish to broadcast and you do not have anyone you can sufficiently trust to help you)
hero member
Activity: 642
Merit: 500
Evolution is the only way to survive
October 26, 2014, 09:11:51 PM
#8
1. BIP38 address : encrypt privkey with a password http://cryptocoinjs.com/modules/currency/bip38/
2. multisignature : you can use pubkeys to create a multisignature address  https://gist.github.com/gavinandresen/3966071
hero member
Activity: 924
Merit: 1000
October 26, 2014, 07:29:48 PM
#7
There is blockchain.info that does allow 2FA to access the wallet. Although you can potentially get around the 2FA if you contact blockchain.info and can prove your identity to their standards.

I also believe that you can get around their 2FA requirements by importing a backup of the wallet into a new wallet.

2FA is really not good for wallet security as all that 2FA does is rely on a 'trusted' third party to only give someone access when they can enter a code that is delivered to a device. This essentially means that you must give up access to the private keys to a third party, which in itself is a bad security practice.