Topic: Newbies how to use the 2FA security system in the account? (Read 567 times)
Having a 2FA security system for your accounts is important these days. It adds an extra layer of protection against unauthorized access, so I'm all for it.
Strongly recommend using google authenticator I've use it for years and doesn't really encounter problems with it
Google Authenticator is a close source 2FA and I don't recommend it.Use open source 2FA like Aegis, Tofu
https://getaegis.app/
https://github.com/beemdevelopment/Aegis
https://www.tofuauth.com/
You are right, I would recommend using an authenticator, but not necessarily google authenticator since it wasn't open source 2FA, I've edited my post here
Well, so far I haven't encountered issues with my authenticator with the new update, my biggest problem last time was the code was not saved to a certain account so it wasn't going to save on the situation when I lost my phone back in 2020 I think, but so far it was solved already, There was also a way to recover your account in case you have problems, you could bypass authenticator on a certain platform or account as long as you saved the codes on the authentications when you activate the authentication most of the platform is going to give you code that is going to allow you it turns off that authentication code in your account in case your phone was broken or stolen. I will take a look at this open-source authenticator that you are recommending. Thanks!
Strongly recommend using google authenticator I've use it for years and doesn't really encounter problems with it
Google Authenticator is a close source 2FA and I don't recommend it.Use open source 2FA like Aegis, Tofu
https://getaegis.app/
https://github.com/beemdevelopment/Aegis
https://www.tofuauth.com/
Edited:
I recommend using a authenticator I've been using it for years and don't really encounter problems with it, there are a few back then if you lose your phone.
I using google authenticator so far as I can remember codes cannot be recover back then as the codes are not save to your Gmail accounts so its difficult to recover unless you save the code on the account you put that authenticator. But there new recent system was great all data was already going to be save on the Google account so your not gonna have anyproblem anymore, if you lose your phone as long as you know your email account you could easily recover all of them instantly. It can easily save you from hacks incase someone get your password, a added layer of security was never going to go wrong, there are some cases of getting hack even though having authenticator, but in my opinion it only happened when the hacker get a access to a trusted device to which authenticator is bypass thinking that it was you since your password is save on it something like that.
Google wasn't open source but it work in my experience do its job as a authenticator, if you want a more secure one there are some open source one out there.
I recommend using a authenticator I've been using it for years and don't really encounter problems with it, there are a few back then if you lose your phone.
I using google authenticator so far as I can remember codes cannot be recover back then as the codes are not save to your Gmail accounts so its difficult to recover unless you save the code on the account you put that authenticator. But there new recent system was great all data was already going to be save on the Google account so your not gonna have anyproblem anymore, if you lose your phone as long as you know your email account you could easily recover all of them instantly. It can easily save you from hacks incase someone get your password, a added layer of security was never going to go wrong, there are some cases of getting hack even though having authenticator, but in my opinion it only happened when the hacker get a access to a trusted device to which authenticator is bypass thinking that it was you since your password is save on it something like that.
Google wasn't open source but it work in my experience do its job as a authenticator, if you want a more secure one there are some open source one out there.
OP, did a pretty good job of explaining this 2FA thing. We already know that two-factor authentication adds an extra layer of security to account. It usually accepts a unique code on mobile devices that needs to be entered in addition to the regular password when logging in. This helps prevent unauthorized access to the account even if the password is compromised. I use an app to store my important documents and use 2FA in the app, but I lost the 2FA private key and couldn't recover it later. So you should be very careful while using it so that even if your device is lost or damaged you can recover it again through the private key.
Since the introduction of 2FA, more security has been increased. In the past, email was more effective than ever. I like this technique, which is why I'm so glad I turned on 2FA. OP made it easier for newbies to know how to set up. So thank you very much for helping newbies.
I just found out that 2FA is now active on the forum, good move honestly, now we will have less compliant about people losing their accounts to unknown person.
Begginers who are not used to 2FA already should be careful, if you don't back up your 2FA codes you will lost access to your account, I don't think there will ever be a way to get your account back.
You can use google auth if you don't have any problem backing up your codes using your email account, I have tried it and it works, but I found Authy to be better than Google auth.
Begginers who are not used to 2FA already should be careful, if you don't back up your 2FA codes you will lost access to your account, I don't think there will ever be a way to get your account back.
You can use google auth if you don't have any problem backing up your codes using your email account, I have tried it and it works, but I found Authy to be better than Google auth.
Platforms typically mention google authenticator but this doesn't mean only google auth works. I believe, I've also listed why aegis is a lot better than google auth but I just wanna say that they're not:
1. relatively unknown - if you look up on online communites such reddit, it actually been recommeded a lot particularly on privacy and security focused communities, and even on bitcointalk by prominent members. also see their github: https://github.com/beemdevelopment/Aegis
2. nor a company - just some fellas doing god's work at no cost
1. relatively unknown - if you look up on online communites such reddit, it actually been recommeded a lot particularly on privacy and security focused communities, and even on bitcointalk by prominent members. also see their github: https://github.com/beemdevelopment/Aegis
2. nor a company - just some fellas doing god's work at no cost
I wish this existed since hearing about a lot of accounts being stolen. Of course I feel happy because there is multi-level security.
There are indeed several 2fa application options, but I have only heard of two familiar ones, Google Authenticator and Auty. I am a user of one of them. I've been using it for 9 years for my trading account. Right now I feel comfortable and quite safe. As for Aegis, I heard about it not long ago but I don't believe it yet. There is a feeling of hesitation to switch. But thank you, this makes me try to continue researching Aegis.
This a good one to end the year with 
For me, this is the best news on BT this year.
Though, as some already have said, I would recommend Aegis or Authenticator Pro (both on Android) as your 2FA app.
For me, this is the best news on BT this year. Though, as some already have said, I would recommend Aegis or Authenticator Pro (both on Android) as your 2FA app.
This was one of the best features released this year, and indeed, they should activate this feature in the forum and in the accounts of the platforms they constantly use. This feature will help forum members increase the security level of their accounts, making it difficult for scammers to change their passwords or email addresses when an active OTP is present in their accounts. It is crucial for Newbies to download the official Google Authenticator app from Google Play, as mentioned by OP, or from the Apple Store without downloading any fake apps or from outside these trusted stores. Increasing protection in their email is important, using a genuine email rather than a fake one generated by a website. It is advisable to link the two-factor authentication app with the email so that in case of a lost phone, they can recover OTP codes and retain the Shared secret (Base32) code in a secure place.
Thanks to you, OP, for sharing this tutorial, and I hope many who don't know how to activate this important feature will implement it.
Thanks to you, OP, for sharing this tutorial, and I hope many who don't know how to activate this important feature will implement it.
adding a 2 factor verification method needs a lot of time and coding. they've already did a lot of work implementing google 2FA and it is not been so long. I don't think Forum Admins would like to add another one or change current Google 2 Factor into Aegis
The forum does not need to change anything since any totp app works. Aegis and Google authenticator are both totp app hence both should work.
I prefer Google 2FA, every website and application I know use google 2fa. it sounds more authentic than a relatively unkown company. BTW I had never heard of Aegis before. it looks like it has been around for quite a few years. but still, I didn't see any website or apps using their 2fa.
Platforms typically mention google authenticator but this doesn't mean only google auth works. I believe, I've also listed why aegis is a lot better than google auth but I just wanna say that they're not:
1. relatively unknown - if you look up on online communites such reddit, it actually been recommeded a lot particularly on privacy and security focused communities, and even on bitcointalk by prominent members. also see their github: https://github.com/beemdevelopment/Aegis
2. nor a company - just some fellas doing god's work at no cost
If staking a Bitcoin address and a Bitcoin signed message is reminded in a notification for all new registered members in Bitcoin Talk, it will be useful for many new users.
I think it is more useful if it is not only an one-time notification after registration but also a pinned message for all users.
It is useful if 2FA, staking a Bitcoin address, a signed message is written in welcome message.
I think it is more useful if it is not only an one-time notification after registration but also a pinned message for all users.
It is useful if 2FA, staking a Bitcoin address, a signed message is written in welcome message.
I think the way to have the best impact would be to make an infoid item about it.
The newcomers will most probably not know how to sign a message and such "requirement", even if not enforced, might scare them. On the other hand, seeing every few days about it could convince even existing users they may want to make an effort and learn how to secure their account.
Both are valid points, indeed.
I think that having a bitcoin address staked in the proper place in the forum (and obviously, keeping its seed/private key really safe) is the correct move. All the rest, including this 2FA, is just some nice additions.
If staking a Bitcoin address and a Bitcoin signed message is reminded in a notification for all new registered members in Bitcoin Talk, it will be useful for many new users.I think it is more useful if it is not only an one-time notification after registration but also a pinned message for all users.
It is useful if 2FA, staking a Bitcoin address, a signed message is written in welcome message.
Still I can bet that most use 2FA software on the same device as the websites/apps needing 2FA for authentication (hence still pretty much one single point of failure, hence doing it wrong).
Ideally it should be done on different devices but having them on the same device does not defeat the purpose of it. For example it can protect against a leak of your password, cause the attacker will still need your 2FA code to get into your account.Not all breaches results in total security break on the device, so it has its perks.
I think that having a bitcoin address staked in the proper place in the forum (and obviously, keeping its seed/private key really safe) is the correct move. All the rest, including this 2FA, is just some nice additions.
Staking your address helps to recover your account after a hack, it does not protect you from one or the consequences. 2FA security system is used almost everywhere now so everyone should know it
Still I can bet that most use 2FA software on the same device as the websites/apps needing 2FA for authentication (hence still pretty much one single point of failure, hence doing it wrong).
2FA is nice, but without certain precautions it's not so useful.
I think that having a bitcoin address staked in the proper place in the forum (and obviously, keeping its seed/private key really safe) is the correct move. All the rest, including this 2FA, is just some nice additions.
I'm a new member here and can't figure out how to use it on my account.
OP has made good efforts in explaining this 2FA feature. I doubted if anyone would still be confused about it, although I was also confused about it, but on the main post of theymos some members cleared up my doubts related to QR and the unique code we are given with. I will say, follow the steps that OP has shown, then come back here and tell us if you are stuck somewhere, and we might be able to help you.
But rather than google authenticator, I suggest opting for aegis instead!
Couple of reasons are:
1. It's open source - google auth isn't
2. Offers encryption - google auth doesn't provide
3. Smoother and safer backup scheme - IIRC, google auth only provides QR code image (and you can't take a screenshot of this in-app) which you can use to export entries plus cloud backups. In aegis, you can automate encrypted backup files which you can then copy to other drive/s as a 2nd or 3rd backup.
4. Has a good history of being maintained regularly - google auth has actually been abandoned for so long and it was only recently that they started making some changes.
Get it at https://getaegis.app/
adding a 2 factor verification method needs a lot of time and coding. they've already did a lot of work implementing google 2FA and it is not been so long. I don't think Forum Admins would like to add another one or change current Google 2 Factor into Aegis Couple of reasons are:
1. It's open source - google auth isn't
2. Offers encryption - google auth doesn't provide
3. Smoother and safer backup scheme - IIRC, google auth only provides QR code image (and you can't take a screenshot of this in-app) which you can use to export entries plus cloud backups. In aegis, you can automate encrypted backup files which you can then copy to other drive/s as a 2nd or 3rd backup.
4. Has a good history of being maintained regularly - google auth has actually been abandoned for so long and it was only recently that they started making some changes.
Get it at https://getaegis.app/
I prefer Google 2FA, every website and application I know use google 2fa. it sounds more authentic than a relatively unkown company. BTW I had never heard of Aegis before. it looks like it has been around for quite a few years. but still, I didn't see any website or apps using their 2fa.
Aegis was introduced by mk4 4 years ago in 2019.
Some more 2FA tools and password managers for better password creation and management.
https://www.privacytools.io/secure-password-manager
Adding 2FA for Bitcointalk accounts is great but users must know they should do other things to secure their accounts and for account recovery later.
Signing a Bitcoin message from a staked Bitcoin address.
Signing a message from a PGP key.
Stake your PGP key.
Stake your Bitcoin address.
Some more 2FA tools and password managers for better password creation and management.
https://www.privacytools.io/secure-password-manager
Adding 2FA for Bitcointalk accounts is great but users must know they should do other things to secure their accounts and for account recovery later.
Signing a Bitcoin message from a staked Bitcoin address.
Signing a message from a PGP key.
Stake your PGP key.
Stake your Bitcoin address.
Since Im not visiting that page I didnt noticed that 2fa, so its really active now and can be used. Anyway thanks for sharing, with this post, I might set up mine anytime sooner. I really dont mind it before but good to have 2fa for added security.
Because if you lose your 2FA private key, you will not be able to access your account.
Everyone must ALWAYS remember this cause not sure if it can be recover, like other 2fa if gotten lost. 
I'm a new member here and can't figure out how to use it on my account.
Yes I see you are new but the OP explained it very well here hopefully every new member will understand better. OTP is introduced to increase account security. But it's personal matter if you want you can start OTP system but after starting OTP you must keep 2FA private key very carefully. Because if you lose your 2FA private key, you will not be able to access your account. Jump to: