Topic: Newbies how to use the 2FA security system in the account? (Read 567 times)

Having a 2FA security system for your accounts is important these days. It adds an extra layer of protection against unauthorized access, so I'm all for it.

You are right, I would recommend using an authenticator, but not necessarily google authenticator since it wasn't open source 2FA, I've edited my post here  

Well, so far I haven't encountered issues with my authenticator with the new update, my biggest problem last time was the code was not saved to a certain account so it wasn't going to save on the situation when I lost my phone back in 2020 I think, but so far it was solved already, There was also a way to recover your account in case you have problems, you could bypass authenticator on a certain platform or account as long as you saved the codes on the authentications when you activate the authentication most of the platform is going to give you code that is going to allow you it turns off that authentication code in your account in case your phone was broken or stolen. I will take a look at this open-source authenticator that you are recommending. Thanks!

Google Authenticator is a close source 2FA and I don't recommend it.

Use open source 2FA like Aegis, Tofu

https://getaegis.app/
https://github.com/beemdevelopment/Aegis

https://www.tofuauth.com/

Edited:
I recommend using a authenticator I've been using it for years and don't really encounter problems with it, there are a few back then if you lose your phone.
I using google authenticator so far as I can remember codes cannot be recover back then as the codes are not save to your Gmail accounts so its difficult to recover unless you save the code on the account you put that authenticator. But there new recent system was great all data was already going to be save on the Google account so your not gonna have anyproblem anymore, if you lose your phone as long as you know your email account you could easily recover all of them instantly. It can easily save you from hacks incase someone get your password, a added layer of security was never going to go wrong, there are some cases of getting hack even though having authenticator, but in my opinion it only happened when the hacker get a access to a trusted device to which authenticator is bypass thinking that it was you since your password is save on it something like that.

Google wasn't open source but it work in my experience do its job as a authenticator, if you want a more secure one there are some open source one out there.

OP, did a pretty good job of explaining this 2FA thing. We already know that two-factor authentication adds an extra layer of security to account. It usually accepts a unique code on mobile devices that needs to be entered in addition to the regular password when logging in. This helps prevent unauthorized access to the account even if the password is compromised. I use an app to store my important documents and use 2FA in the app, but I lost the 2FA private key and couldn't recover it later. So you should be very careful while using it so that even if your device is lost or damaged you can recover it again through the private key.

Since the introduction of 2FA, more security has been increased. In the past, email was more effective than ever. I like this technique, which is why I'm so glad I turned on 2FA. OP made it easier for newbies to know how to set up. So thank you very much for helping newbies.

I just found out that 2FA is now active on the forum, good move honestly, now we will have less compliant about people losing their accounts to unknown person.

Begginers who are not used to 2FA already should be careful, if you don't back up your 2FA codes you will lost access to your account, I don't think there will ever be a way to get your account back.

You can use google auth if you don't have any problem backing up your codes using your email account, I have tried it and it works, but I found Authy to be better than Google auth.

I wish this existed since hearing about a lot of accounts being stolen. Of course I feel happy because there is multi-level security.

There are indeed several 2fa application options, but I have only heard of two familiar ones, Google Authenticator and Auty. I am a user of one of them. I've been using it for 9 years for my trading account. Right now I feel comfortable and quite safe. As for Aegis, I heard about it not long ago but I don't believe it yet. There is a feeling of hesitation to switch. But thank you, this makes me try to continue researching Aegis.

This a good one to end the year with For me, this is the best news on BT this year.

Though, as some already have said, I would recommend Aegis or Authenticator Pro (both on Android) as your 2FA app.

This was one of the best features released this year, and indeed, they should activate this feature in the forum and in the accounts of the platforms they constantly use. This feature will help forum members increase the security level of their accounts, making it difficult for scammers to change their passwords or email addresses when an active OTP is present in their accounts. It is crucial for Newbies to download the official Google Authenticator app from Google Play, as mentioned by OP, or from the Apple Store without downloading any fake apps or from outside these trusted stores. Increasing protection in their email is important, using a genuine email rather than a fake one generated by a website. It is advisable to link the two-factor authentication app with the email so that in case of a lost phone, they can recover OTP codes and retain the Shared secret (Base32) code in a secure place.

Thanks to you, OP, for sharing this tutorial, and I hope many who don't know how to activate this important feature will implement it.

The forum does not need to change anything since any totp app works. Aegis and Google authenticator are both totp app hence both should work.


Platforms typically mention google authenticator but this doesn't mean only google auth works. I believe, I've also listed why aegis is a lot better than google auth but I just wanna say that they're not:

1. relatively unknown - if you look up on online communites such reddit, it actually been recommeded a lot particularly on privacy and security focused communities, and even on bitcointalk by prominent members. also see their github: https://github.com/beemdevelopment/Aegis

2. nor a company - just some fellas doing god's work at no cost

I think the way to have the best impact would be to make an infoid item about it.
The newcomers will most probably not know how to sign a message and such "requirement", even if not enforced, might scare them. On the other hand, seeing every few days about it could convince even existing users they may want to make an effort and learn how to secure their account.

---

Both are valid points, indeed.

If staking a Bitcoin address and a Bitcoin signed message is reminded in a notification for all new registered members in Bitcoin Talk, it will be useful for many new users.

I think it is more useful if it is not only an one-time notification after registration but also a pinned message for all users.

It is useful if 2FA, staking a Bitcoin address, a signed message is written in welcome message.

Ideally it should be done on different devices but having them on the same device does not defeat the purpose of it. For example it can protect against a leak of your password, cause the attacker will still need your 2FA code to get into your account.
Not all breaches results in total security break on the device, so it has its perks.

Staking your address helps to recover your account after a hack, it does not protect you from one or the consequences.

Still I can bet that most use 2FA software on the same device as the websites/apps needing 2FA for authentication (hence still pretty much one single point of failure, hence doing it wrong).
2FA is nice, but without certain precautions it's not so useful.
I think that having a bitcoin address staked in the proper place in the forum (and obviously, keeping its seed/private key really safe) is the correct move. All the rest, including this 2FA, is just some nice additions.

2FA security system is used almost everywhere now so everyone should know it and I think everyone knows it though op explained it very nicely which will be very useful for newbies. But for me it's not a big deal. Anyway thanks to the op for clarifying the issue here very quickly after the feature was introduced on the forum. This post is very helpful for those who are not familiar with 2FA.

adding a 2 factor verification method needs a lot of time and coding. they've already did a lot of work implementing google 2FA and it is not been so long. I don't think Forum Admins would like to add another one or change  current Google 2 Factor into Aegis
I prefer Google 2FA, every website and application I know use google 2fa. it sounds more authentic than a relatively unkown company. BTW I had never heard of Aegis before. it looks like it has been around for quite a few years. but still, I didn't see any website or apps using their 2fa.

Aegis was introduced by mk4 4 years ago in 2019.

Some more 2FA tools and password managers for better password creation and management.
https://www.privacytools.io/secure-password-manager

Adding 2FA for Bitcointalk accounts is great but users must know they should do other things to secure their accounts and for account recovery later.


Signing a Bitcoin message from a staked Bitcoin address.
Signing a message from a PGP key.

Stake your PGP key.
Stake your Bitcoin address.

Since Im not visiting that page I didnt noticed that 2fa, so its really active now and can be used. Anyway thanks for sharing, with this post, I might set up mine anytime sooner. I really dont mind it before but good to have 2fa for added security.

Everyone must ALWAYS remember this cause not sure if it can be recover, like other 2fa if gotten lost.

Yes I see you are new but the OP explained it very well here hopefully every new member will understand better. OTP is introduced to increase account security. But it's personal matter if you want you can start OTP system but after starting OTP you must keep 2FA private key very carefully. Because if you lose your 2FA private key, you will not be able to access your account.

Unfortunately OP seems to have forgotten one critical thing about QR code and 2FA key : you should store it carefully elsewhere because the one displayed onto the profile is freshly generated each time you go the page or you reload it. So people shouldn't think the 2FA key is sustainably stored into their profile if they lost their smartphone or remove the code from the app they will have a bad surprise if they can't access their email box either.

Some newbies might find it hard to follow or to know where you can see the account related settings. If they didn't know where it is then i'll share it to them. It is in the "Profile" that is shown in the left top side right beside the search and my messages. Anyway, OP it would be better if you use different authenticator like aegis that potato chips provided and also the reasons why google authenticator isn't good to use.

But rather than google authenticator, I suggest opting for aegis instead!

Couple of reasons are:

1. It's open source - google auth isn't
2. Offers encryption - google auth doesn't provide
3. Smoother and safer backup scheme - IIRC, google auth only provides QR code image (and you can't take a screenshot of this in-app) which you can use to export entries plus cloud backups. In aegis, you can automate encrypted backup files which you can then copy to other drive/s as a 2nd or 3rd backup.
4. Has a good history of being maintained regularly - google auth has actually been abandoned for so long and it was only recently that they started making some changes.

Get it at https://getaegis.app/

OP has made good efforts in explaining this 2FA feature. I doubted if anyone would still be confused about it, although I was also confused about it, but on the main post of theymos some members cleared up my doubts related to QR and the unique code we are given with.

I will say, follow the steps that OP has shown, then come back here and tell us if you are stuck somewhere, and we might be able to help you.

You are a new member This post is for new members.
Pay full attention and try to understand the whole post maybe you will succeed.

Try again and best of luck

I'm a new member here and can't figure out how to use it on my account.

Many accounts in our forum get hacked or many steal maybe to solve this problem forum admin @theymos and @PowerGlove introduced a feature where you can protect your account through 2FA security system.

---

theymos post link: 2FA Added:>> https://bitcointalksearch.org/topic/2fa-added-5478824

So let's start discussing in detail how to use this 2FA security system on your account.
First you login to your bitcointalk account and after login click on account related setting.


After clicking on account related settings, you will see a page like this. There you can see your account username and the Gmail used in your account which you provided while opening the account. You can also see two factor authentication status. This two factor authentication status will be disabled you need to enable or enable it. To enable it, you will see that it says Enable Two Factor Authentication, you will tick the blank box

Then you will see the shared secret (base32) written under authentication, you will see that I have covered it with a red mark, you should copy that. And copy if you have Google authenticator then set it there as you have set your authenticator of Binance exchange and Kucoin exchange and save it.
If you don't have it then go to Google Play Store and download it.
Download link; https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2



After setting your google authenticator, copy the code from there and paste the Confirm OTP blank.
After pasting, see Current Password is written below, enter your password, then click on Change Profile in the right corner.
Then the 2FA security system will be added to your account

I have also used this 2FA security system and am showing it to you in my account.When logging in to the account in which you have used the 2FA security system, copy the username password of your account and the code from google authenticator and paste the blank OTP and click on the login option

In this way you can use 2FA authentication system in your account.