This is not a topic about how to do 2FA, how it works etc etc. I'm talking about the efficacy of 2FA with TrustedCoin in preventing users' funds from getting compromised by a malicious party.
As a starter, 2FA by TrustedCoin incurs extra fees through both the larger TX size as well as their fees to be charged for the transactions signed by them. The benefits of TrustedCoin, however isn't exactly clear. On one hand, it would prevent attacks if the attacker is in control of the system for short periods of time and if the attacker doesn't install malware on it's computer. If the computer gets compromised by malware, the OTP that could be captured can be used to get TrustedCoin to sign an alternate transaction. It seems feasible in theory but I've yet to see anyone done it.
In addition, if the malware existed since the creation of the wallet, the 2FA would be totally useless. Does the 2FA in Electrum provide a false sense of security to the user or is there an actual use case that would justify the fees that TrustedCoin receives for their service?
Just some thoughts since Electrum's docs specifically mentions
adding another level of security in the event of your computer being compromised
. And a lot of newbies has been using 2FA and having quite some trouble with it as well.