Author

Topic: How to use google authenticator on bitcoin wallets (Read 217 times)

sr. member
Activity: 602
Merit: 387
Rollbit is for you. Take $RLB token!
2fa on Electrum is a service provided by a trusted Coin. there is an option for that before you create a wallet at the beginning, but even if it's safe I don't recommend it for newbies or beginners, because when you lost that you will hard to recover back, I think it better to use an additional passphrase then 2fa.
You won't lose your coins if you lose 2FA provided by Trustedcoin for your 2FA Electrum wallet.

Two Factor Authentication (Electrum guide)
How to recover access to the bitcoins in your 2FA wallet
What is an Electrum 2FA Wallet and how does it work? (Trustedcoin guide)
Quote
This works by using Bitcoin's multi-signature functionality. An Electrum 2FA wallet uses 2-of-3 multi-signature addresses. This means two out of three keys are required to spend from these addresses.
...
Because only one key is contained in your wallet (and two are required to spend) a wallet file compromise is no longer fatal. Since you retain possession of two of the three keys, you enjoy full control of your coins even if TrustedCoin were to disappear. Restoring your wallet from it's seed phrase offers you the option to disable 2FA (by storing both of your keys in the wallet file) or provision another 2nd factor device.
legendary
Activity: 1526
Merit: 1032
Up to 300% + 200 FS deposit bonuses
But this Google Authenticator only exists in centralized trading wallets, in bitcoin wallets like Electrum and blue wallets which as far as I know there is no Google Authenticator.
You are right, Electrum has no option of google authenticators to enable 2FA on your cold wallet but you can use other option to enable 2FA on your electrum like YubiKey and multi signature mechanisms but if you do not prefer them, then you could use, Ledger Nano X and Ledger Nano S. Because they can be integrated with Google Authenticator.
2fa on Electrum is a service provided by a trusted Coin. there is an option for that before you create a wallet at the beginning, but even if it's safe I don't recommend it for newbies or beginners, because when you lost that you will hard to recover back, I think it better to use an additional passphrase then 2fa.

Ledger has a 2fa self that is called FIDO U2F which I think is useless if adding Google authenticator for an additional key.
full member
Activity: 756
Merit: 133
- hello doctor who box
Take note that the 2FA code is generated using a known algorithm. It's not that the 2FA code can be generated only by google.
In the case you have your secret key, you can import it in any other two factor authentication application and get the code even if google authenticator no longer works.

Nice piece of information,  I never knew that with the same secret keyphrase I can generate 2fa codes with other softwares.

But to hack 2fa security I think it is nearly impossible for any hacker, because the number is continuously changing. So it is hard to hack.
legendary
Activity: 2380
Merit: 5213
Google authenticator may prevent anyone from accessing your account.
Take note that the 2FA code is generated using a known algorithm. It's not that the 2FA code can be generated only by google.
In the case you have your secret key, you can import it in any other two factor authentication application and get the code even if google authenticator no longer works.
hero member
Activity: 3024
Merit: 745
Top Crypto Casino
Can Google Authentication be hacked?
There is the chance that it can be hacked but not the actual Google Authenticator app but the device where it is installed and the user who uses it. Remember that it uses email and it also has some backup codes where an infiltrator can target those. Every system can be done with a reverse engineering by these hackers and we can't be sure that you're all protected mostly if you do nasty things through your computer or smart phone devices. Another 2FA is through phone/SMS, there have been simcard/sim swap hijacking that has been done by hackers and that's why if it's possible there to get reversed and hackers get those 2FA codes then even with GA, they'll need to target the actual user and not the app itself. That's why with information that's being monitored in almost every place, please be sensitive on how you share it publicly and avoid unnecessary downloading of apps. If you find a sketchy one and you're itching to download it, think of it first for so many times.
hero member
Activity: 686
Merit: 403
DGbet.fun - Crypto Sportsbook
Any crypto wallet that offers 2fa Authentication is custodial, they don't give the wallet users the rightful access to their recovery seed, even if there is any non-custodial wallet that offers 2FA Authentication, the security is still very weak.

2FA auth only avoids temporary security, it stops someone from operating your wallet behind your back, but if someone manages to get your recovery seed, the 2FA Authentication won't protect your funds when the scammed import the recovery seed into another wallet, the 2FA Authentication is useless.
legendary
Activity: 3668
Merit: 6382
Looking for campaign manager? Contact icopress!
Google authenticator may prevent anyone from accessing your account.

It can happen only if the server where's your account or your phone/device has the time a bit off. Usually syncing the time of your phone with an atomic clock fixes that.

But how can you use a third party software on your bitcoin wallet, op your title doesn't make any sense.

Far too many people still think that the web sites offering them an account with user and password and allowing them access to a wallet are actual wallets (and hence they also call those services "wallets").

Also, if you use google authenticator google has the chance to get access to your software. I don't usually use this, but if I am forced to use the authenticator in some place then I use it.

While it's pretty unlikely to happen, you do have a point: google authenticator is closed source so "there may be dragons" in there.
Still, I don't understand why do people still advertise and use that obsolete piece of software when there are better options - like Aegis (it was already said, but I doesn't hurt to emphasize it) - which would be open source and also offering backup/restore of the data.
full member
Activity: 756
Merit: 133
- hello doctor who box
Google authenticator may prevent anyone from accessing your account. But how can you use a third party software on your bitcoin wallet, op your title doesn't make any sense. Also, if you use google authenticator google has the chance to get access to your software. I don't usually use this, but if I am forced to use the authenticator in some place then I use it.
legendary
Activity: 2380
Merit: 5213
But this Google Authenticator only exists in centralized trading wallets, in bitcoin wallets like Electrum and blue wallets which as far as I know there is no Google Authenticator.
As I said in my previous post, you can have a 2FA wallet in electrum, but that's completely different from how two factor authentication work in custodial services like centralized exchanges.

When you set two factor authentication in a custodial wallet or an exchange, the service doesn't allow you to make a transaction or login to your account if you don't enter the correct 2FA code. We can have this feature only on custodial services, since they have full control over users fund. In a non-custodial wallet where you have access to your private keys, you have full control over your fund and we can't have two-factor authentication in the same way as a custodial wallet or an exchange.

You can have a 2FA wallet in electrum as well, but as I said above, it works in a different way. Electrum 2FA wallet is a 2 of 3 multi-signature wallet. This means that there are three private keys for each of addresses and 2 of them are required for making a tranaction. In a 2FA electrum wallet, one of master private keys is stored in the wallet file and one of them is owned by a third party called trustedcoin.
When you want to make a transaction, you have to ask trustedcoin to sign the transaction for you. In electrum 2FA wallet, you have a seed phrase which can be used for deriving two of master private keys and disabling 2FA. So, you still have full control over your fund.  
hero member
Activity: 1386
Merit: 513
Payment Gateway Allows Recurring Payments
But this Google Authenticator only exists in centralized trading wallets, in bitcoin wallets like Electrum and blue wallets which as far as I know there is no Google Authenticator.
You are right, Electrum has no option of google authenticators to enable 2FA on your cold wallet but you can use other option to enable 2FA on your electrum like YubiKey and multi signature mechanisms but if you do not prefer them, then you could use, Ledger Nano X and Ledger Nano S. Because they can be integrated with Google Authenticator.

Can Google Authentication be hacked?
Hackers always found vulnerabilities in your activities and the device you are using. Like if you have clicked on some spammy and phishing links then there is slight chances that you must have given your access to the hackers and once your device is compromised no google authenticator can save your assets as google authenticator's code is placed in your smartphone. So best practices is to use a different device to use your 2FA google Authenticator to increase security so if one device got hacked then yours's one could not and only use that device for this dedicated work of 2FA.
sr. member
Activity: 2520
Merit: 280
Hire Bitcointalk Camp. Manager @ r7promotions.com
Can Google Authentication be hacked?
It can't be hacked but since we are installing it on a device the device itself can be hijacked so the hacker may get the access to your codes which can lead to loss.

OP you're talking about exchange security not for the wallet here because exchange and wallet is different, already 2FA on Electrum is explained above so now moving on to the exchange 2fa it isn't 100% secured too, it just another security layer to avoid unauthorised access but it's not going to save you when exchange itself get hacked.
sr. member
Activity: 700
Merit: 470
Hope Jeremiah 17vs7
Can Google Authentication be hacked?
full member
Activity: 588
Merit: 223
Snip
What you said is right, I myself almost all centralized trading Apps use Google Authenticator. Because GA is one of the two factor authentication tools that can be used to increase the security of bitcoin assets. By using this tool, we will be asked to enter a unique code generated by the Google Authenticator application every time we log into the centralized trading application. The unique code changes every few seconds, making it difficult for unauthorized persons to gain access to centralized trading applications.

By using Google Authenticator or other two-factor authentication tools, we can ensure that only we can access our centralized trading and protect our assets from possible security threats. But this Google Authenticator only exists in centralized trading wallets, in bitcoin wallets like Electrum and blue wallets which as far as I know there is no Google Authenticator.
hero member
Activity: 462
Merit: 767
Instant cryptocurrency exchange with own reserves!
It's always Charming to see Tutorials from newbies like me sharing What to do and how to do it.
Nice try, but I don't think any wallet has a system to bind Google authenticator app. Electrum wallet already has a 2FA system with a 3rd party, Trusted Coin. Just be more careful with your wallet and you don't have to use Google authenticator. BTW, Trading app and investment is not a Wallet.
hero member
Activity: 700
Merit: 541
Bitcoin Casino Est. 2013
~~~

You forgot to mention that the Google authenticator (or whichever authenticator you prefer) should not be installed on the same phone/device as your trading app.

Your authenticator app should be installed on a separate device so that even if hackers successfully hack into your device, they will not be able to gain access to your 2fa code. However, if the authenticator app and your trading app are installed on the same phone, a hacker can easily get your 2fa and do whatever they want with your trading app or CEXs app.
And this defeats the entire purpose of having the 2fa setup.
member
Activity: 239
Merit: 59
a young loner on a crusade
A trading app is not a wallet. My wallets are off-limit for Google.

--Knight Hider
hero member
Activity: 1442
Merit: 775
Google authenticator is necessary anti scam device that helps to lock wallets or transactions process.
You got it wrong. Google Authenticator or any 2-factor authentication application does not provide us anti-scam service. Those applications provide us a protection against digital thieves who can make our devices infected and steal our identity, login information then steal our money. It's thief, not scam!

Google is close source and in cryptocurrency, choose open source. With 2FA application, choose Aegis.
Aegis Authenticator, a decent alternative to Google Authenticator and Authy

Quote
First, go to play store and download it
Don't go to app stores and search for applications then download them. Did you know that many fake applications are there in those app stores especially in Google Play Store to make your devices infected?

Go to official websites and get links to download applications.

Bitcoin wallets mostly don't provide 2FA. Mostly 2FA is available for online accounts that are risky.
Reminder: do not keep your money in online accounts

Electrum wallet has 2FA but you have to pay addition fee for each transaction to Trustedcoin, a third party provides 2FA feature for Electrum.

With most of Bitcoin wallet softwares, you can set up multi-sign wallets. Rather than a single wallet with single signature, you will have 2nd, 3rd co-signers which are likely 2FA for your wallet.
legendary
Activity: 2380
Merit: 5213
Also, as far as I know, it can only be used in centralized exchanges if you have a trading activity, not on electrum, I don't know if trust wallet also has these features, but it doesn't seem to be there either.
In electrum, you can create a 2FA wallet which is actually a 2 of 3 multi-signature wallet.
Whenever you want to make a transaction from your electrum 2FA wallet, your transaction has to be signed by a third party called trustedcoin. For asking trustedcoin to sign your transaction, you should enter the 2FA code.

Also, as far as I know, it can only be used in centralized exchanges if you have a trading activity, not on electrum, I don't know if trust wallet also has these features, but it doesn't seem to be there either.
Electrum is the only non-custodial wallet with such a feature.
hero member
Activity: 1666
Merit: 453
Google authenticator is necessary anti scam device that helps to lock wallets or transactions process. It contains key words which can be use at every opening of transactions. Scammers can not have access to your wallets because authenticators is primary source of one device per time, if nobody have access to your device nobody will have to your wallets or income.

How to use it:
First, go to play store and download it
Then open your trading apps or investment apps.
Go to settings, click on securities or password and it will show activate authenticator. Open it and copy the code that will appear there.
Now go back to google authenticator app you downloaded inserts or paste the code you copy from your trading apps.
Put a similar name you're using at your trading apps, create password for it, then activate.

When you go back to your trading apps, every opening of transactions required authenticator. And is only you that have it.

Google authenticator in bitcoin wallet? I don't think it's necessary. Because I am saving Bitcoin using electrum and I don't see anything that it has a google authenticator that needs to be used.

Also, as far as I know, it can only be used in centralized exchanges if you have a trading activity, not on electrum, I don't know if trust wallet also has these features, but it doesn't seem to be there either.
legendary
Activity: 1624
Merit: 1200
Gamble responsibly
Google authenticator is not open source, the source code is not reproducible, or you can correct me if that is not correct. I will prefer to use open source indicator like Aegis instead which I can even backup without necessarily using QR code which is meant for import.

Google authenticator is necessary anti scam device that helps to lock wallets or transactions process.
Authenticators are not anti scam device, they are applications.

Also the word anti-hack would be better, not anti-scam app. It does not also lock wallet, it makes your account or wallet you used it for to request for a code to broadcast a transaction. Without the TOTP six digit code, the transaction will not broadcast, but it does not lock the wallet.

But if using it for a custodial wallet or an exchange, possibly there may be a warning that you have certain number of times that you can use a wrong code before the wallet is locked for 24 hours, but that is done by the exchange or custodial wallet.

Scammers can not have access to your wallets because authenticators is primary source of one device per time, if nobody have access to your device nobody will have to your wallets or income.
Do not misuse the word scammers, hackers is the right word to use. You voluntary handing over your coins to scammers because you believe them, but hackers find a way to hack your wallet. So anyone that fall victim of scam will even send a coin to scammer without the scammer hacking into his wallet.

Put a similar name you're using at your trading apps, create password for it, then activate.
If you used the QR code generated by the wallet, the name would automatically be generated and will likely be the name of the wallet or exchange. I will prefer the way you explained it and input the name that I like.

Note: it is very important that your 2fa app should not be on the device your accounts and wallets you are using it for are, they should be on a separate device.
jr. member
Activity: 104
Merit: 9
Google authenticator is necessary anti scam device that helps to lock wallets or transactions process. It contains key words which can be use at every opening of transactions. Scammers can not have access to your wallets because authenticators is primary source of one device per time, if nobody have access to your device nobody will have to your wallets or income.

How to use it:
First, go to play store and download it
Then open your trading apps or investment apps.
Go to settings, click on securities or password and it will show activate authenticator. Open it and copy the code that will appear there.
Now go back to google authenticator app you downloaded inserts or paste the code you copy from your trading apps.
Put a similar name you're using at your trading apps, create password for it, then activate.

When you go back to your trading apps, every opening of transactions required authenticator. And is only you that have it.
Jump to: