Topic: How to use google authenticator on bitcoin wallets (Read 215 times)

You won't lose your coins if you lose 2FA provided by Trustedcoin for your 2FA Electrum wallet.

Two Factor Authentication (Electrum guide)
How to recover access to the bitcoins in your 2FA wallet
What is an Electrum 2FA Wallet and how does it work? (Trustedcoin guide)

2fa on Electrum is a service provided by a trusted Coin. there is an option for that before you create a wallet at the beginning, but even if it's safe I don't recommend it for newbies or beginners, because when you lost that you will hard to recover back, I think it better to use an additional passphrase then 2fa.

Ledger has a 2fa self that is called FIDO U2F which I think is useless if adding Google authenticator for an additional key.

Nice piece of information,  I never knew that with the same secret keyphrase I can generate 2fa codes with other softwares.

But to hack 2fa security I think it is nearly impossible for any hacker, because the number is continuously changing. So it is hard to hack.

Take note that the 2FA code is generated using a known algorithm. It's not that the 2FA code can be generated only by google.
In the case you have your secret key, you can import it in any other two factor authentication application and get the code even if google authenticator no longer works.

There is the chance that it can be hacked but not the actual Google Authenticator app but the device where it is installed and the user who uses it. Remember that it uses email and it also has some backup codes where an infiltrator can target those. Every system can be done with a reverse engineering by these hackers and we can't be sure that you're all protected mostly if you do nasty things through your computer or smart phone devices. Another 2FA is through phone/SMS, there have been simcard/sim swap hijacking that has been done by hackers and that's why if it's possible there to get reversed and hackers get those 2FA codes then even with GA, they'll need to target the actual user and not the app itself. That's why with information that's being monitored in almost every place, please be sensitive on how you share it publicly and avoid unnecessary downloading of apps. If you find a sketchy one and you're itching to download it, think of it first for so many times.

Any crypto wallet that offers 2fa Authentication is custodial, they don't give the wallet users the rightful access to their recovery seed, even if there is any non-custodial wallet that offers 2FA Authentication, the security is still very weak.

2FA auth only avoids temporary security, it stops someone from operating your wallet behind your back, but if someone manages to get your recovery seed, the 2FA Authentication won't protect your funds when the scammed import the recovery seed into another wallet, the 2FA Authentication is useless.

It can happen only if the server where's your account or your phone/device has the time a bit off. Usually syncing the time of your phone with an atomic clock fixes that.


Far too many people still think that the web sites offering them an account with user and password and allowing them access to a wallet are actual wallets (and hence they also call those services "wallets").


While it's pretty unlikely to happen, you do have a point: google authenticator is closed source so "there may be dragons" in there.
Still, I don't understand why do people still advertise and use that obsolete piece of software when there are better options - like Aegis (it was already said, but I doesn't hurt to emphasize it) - which would be open source and also offering backup/restore of the data.

Google authenticator may prevent anyone from accessing your account. But how can you use a third party software on your bitcoin wallet, op your title doesn't make any sense. Also, if you use google authenticator google has the chance to get access to your software. I don't usually use this, but if I am forced to use the authenticator in some place then I use it.

As I said in my previous post, you can have a 2FA wallet in electrum, but that's completely different from how two factor authentication work in custodial services like centralized exchanges.

When you set two factor authentication in a custodial wallet or an exchange, the service doesn't allow you to make a transaction or login to your account if you don't enter the correct 2FA code. We can have this feature only on custodial services, since they have full control over users fund. In a non-custodial wallet where you have access to your private keys, you have full control over your fund and we can't have two-factor authentication in the same way as a custodial wallet or an exchange.

You can have a 2FA wallet in electrum as well, but as I said above, it works in a different way. Electrum 2FA wallet is a 2 of 3 multi-signature wallet. This means that there are three private keys for each of addresses and 2 of them are required for making a tranaction. In a 2FA electrum wallet, one of master private keys is stored in the wallet file and one of them is owned by a third party called trustedcoin.
When you want to make a transaction, you have to ask trustedcoin to sign the transaction for you. In electrum 2FA wallet, you have a seed phrase which can be used for deriving two of master private keys and disabling 2FA. So, you still have full control over your fund.  

You are right, Electrum has no option of google authenticators to enable 2FA on your cold wallet but you can use other option to enable 2FA on your electrum like YubiKey and multi signature mechanisms but if you do not prefer them, then you could use, Ledger Nano X and Ledger Nano S. Because they can be integrated with Google Authenticator.

Hackers always found vulnerabilities in your activities and the device you are using. Like if you have clicked on some spammy and phishing links then there is slight chances that you must have given your access to the hackers and once your device is compromised no google authenticator can save your assets as google authenticator's code is placed in your smartphone. So best practices is to use a different device to use your 2FA google Authenticator to increase security so if one device got hacked then yours's one could not and only use that device for this dedicated work of 2FA.

It can't be hacked but since we are installing it on a device the device itself can be hijacked so the hacker may get the access to your codes which can lead to loss.

OP you're talking about exchange security not for the wallet here because exchange and wallet is different, already 2FA on Electrum is explained above so now moving on to the exchange 2fa it isn't 100% secured too, it just another security layer to avoid unauthorised access but it's not going to save you when exchange itself get hacked.

Can Google Authentication be hacked?

What you said is right, I myself almost all centralized trading Apps use Google Authenticator. Because GA is one of the two factor authentication tools that can be used to increase the security of bitcoin assets. By using this tool, we will be asked to enter a unique code generated by the Google Authenticator application every time we log into the centralized trading application. The unique code changes every few seconds, making it difficult for unauthorized persons to gain access to centralized trading applications.

By using Google Authenticator or other two-factor authentication tools, we can ensure that only we can access our centralized trading and protect our assets from possible security threats. But this Google Authenticator only exists in centralized trading wallets, in bitcoin wallets like Electrum and blue wallets which as far as I know there is no Google Authenticator.

It's always Charming to see Tutorials from newbies like me sharing What to do and how to do it.
Nice try, but I don't think any wallet has a system to bind Google authenticator app. Electrum wallet already has a 2FA system with a 3rd party, Trusted Coin. Just be more careful with your wallet and you don't have to use Google authenticator. BTW, Trading app and investment is not a Wallet.

You forgot to mention that the Google authenticator (or whichever authenticator you prefer) should not be installed on the same phone/device as your trading app.

Your authenticator app should be installed on a separate device so that even if hackers successfully hack into your device, they will not be able to gain access to your 2fa code. However, if the authenticator app and your trading app are installed on the same phone, a hacker can easily get your 2fa and do whatever they want with your trading app or CEXs app.
And this defeats the entire purpose of having the 2fa setup.

A trading app is not a wallet. My wallets are off-limit for Google.

--Knight Hider

You got it wrong. Google Authenticator or any 2-factor authentication application does not provide us anti-scam service. Those applications provide us a protection against digital thieves who can make our devices infected and steal our identity, login information then steal our money. It's thief, not scam!

Google is close source and in cryptocurrency, choose open source. With 2FA application, choose Aegis.
Aegis Authenticator, a decent alternative to Google Authenticator and Authy

Don't go to app stores and search for applications then download them. Did you know that many fake applications are there in those app stores especially in Google Play Store to make your devices infected?

Go to official websites and get links to download applications.

Bitcoin wallets mostly don't provide 2FA. Mostly 2FA is available for online accounts that are risky.
Reminder: do not keep your money in online accounts

Electrum wallet has 2FA but you have to pay addition fee for each transaction to Trustedcoin, a third party provides 2FA feature for Electrum.

With most of Bitcoin wallet softwares, you can set up multi-sign wallets. Rather than a single wallet with single signature, you will have 2nd, 3rd co-signers which are likely 2FA for your wallet.

In electrum, you can create a 2FA wallet which is actually a 2 of 3 multi-signature wallet.
Whenever you want to make a transaction from your electrum 2FA wallet, your transaction has to be signed by a third party called trustedcoin. For asking trustedcoin to sign your transaction, you should enter the 2FA code.

Electrum is the only non-custodial wallet with such a feature.

Google authenticator in bitcoin wallet? I don't think it's necessary. Because I am saving Bitcoin using electrum and I don't see anything that it has a google authenticator that needs to be used.

Also, as far as I know, it can only be used in centralized exchanges if you have a trading activity, not on electrum, I don't know if trust wallet also has these features, but it doesn't seem to be there either.

Google authenticator is not open source, the source code is not reproducible, or you can correct me if that is not correct. I will prefer to use open source indicator like Aegis instead which I can even backup without necessarily using QR code which is meant for import.

Authenticators are not anti scam device, they are applications.

Also the word anti-hack would be better, not anti-scam app. It does not also lock wallet, it makes your account or wallet you used it for to request for a code to broadcast a transaction. Without the TOTP six digit code, the transaction will not broadcast, but it does not lock the wallet.

But if using it for a custodial wallet or an exchange, possibly there may be a warning that you have certain number of times that you can use a wrong code before the wallet is locked for 24 hours, but that is done by the exchange or custodial wallet.

Do not misuse the word scammers, hackers is the right word to use. You voluntary handing over your coins to scammers because you believe them, but hackers find a way to hack your wallet. So anyone that fall victim of scam will even send a coin to scammer without the scammer hacking into his wallet.

If you used the QR code generated by the wallet, the name would automatically be generated and will likely be the name of the wallet or exchange. I will prefer the way you explained it and input the name that I like.

Note: it is very important that your 2fa app should not be on the device your accounts and wallets you are using it for are, they should be on a separate device.