Author

Topic: Question About 2FA and Privacy (Read 509 times)

legendary
Activity: 3416
Merit: 1912
The Concierge of Crypto
March 08, 2016, 09:08:01 PM
#8
I think he wasn't talking about bitcoin or paper wallets, just 2FA in general, and deep web / dark web particularly that offer 2FA for logins.
hero member
Activity: 1008
Merit: 510
March 08, 2016, 06:47:37 PM
#7
If you want to be completely protected and not have to do 2FA, you could just use paper wallets mostly rather than third party wallets.
legendary
Activity: 3416
Merit: 1912
The Concierge of Crypto
March 08, 2016, 05:53:56 PM
#6
For android, there are several third party open source apps you can download for 2FA. You could then compile them yourself from source and side load it into an always-airplane mode mobile phone.

Or just grab a trusted APK, like from the Play Store.
sr. member
Activity: 434
Merit: 511
March 08, 2016, 11:29:29 AM
#5
Because 2-factor methods are not limited to phones or apps. You can use your pgp key which is likely what most of the darknet markets use.

Gotcha...thanks for the clarification.  I'm just kind of getting started in terms of browsing deep web sites, etc. and TOR, so I'm coming across a few things I don't quite understand.  Another thing I'd seen was people who had their personal pages on .onion domains....but were still using their full names, etc.  I just don't understand why one would want a .onion site and *not* be anonymous. 

Yes, I am using the 2 factor Authentication now, and it is really just the Google authenticator app which you download from the store.
And there you can have multiple websites or bitcoin wallets in there, So you will stay anonymous if you want.

I personally really like the 2 factor authentication, because I feel safer putting my Bitcoins in A wallet with 2 factor Authentication.
legendary
Activity: 4536
Merit: 3188
Vile Vixen and Miss Bitcointalk 2021-2023
March 07, 2016, 10:26:02 PM
#4
This inherently (and, I suppose, this is the purpose) ties an account to a phone number or a device.
It doesn't. In the case of Google Authenticator and similar apps, it ties it to a key (used to generate one-time codes) stored on the device. You can transfer it to other devices, or even run the app on your PC, though that kinda defeats the purpose (which is that a keylogger doesn't have access to everything needed to access your account, the key being on another device).

I just don't understand why one would want a .onion site and *not* be anonymous. 
Sometimes the operator of the website has no need to be anonymous, but wishes the users to be. For this reason, there is currently some development on "direct onion services" which are faster but not anonymous for the operator.
full member
Activity: 196
Merit: 100
★Bitvest.io★ Play Plinko or Invest!
March 07, 2016, 12:30:24 PM
#3
Because 2-factor methods are not limited to phones or apps. You can use your pgp key which is likely what most of the darknet markets use.

Gotcha...thanks for the clarification.  I'm just kind of getting started in terms of browsing deep web sites, etc. and TOR, so I'm coming across a few things I don't quite understand.  Another thing I'd seen was people who had their personal pages on .onion domains....but were still using their full names, etc.  I just don't understand why one would want a .onion site and *not* be anonymous. 
global moderator
Activity: 3990
Merit: 2717
Join the world-leading crypto sportsbook NOW!
March 07, 2016, 10:45:39 AM
#2
Because 2-factor methods are not limited to phones or apps. You can use your pgp key which is likely what most of the darknet markets use.
full member
Activity: 196
Merit: 100
★Bitvest.io★ Play Plinko or Invest!
March 07, 2016, 05:51:25 AM
#1
It's "always" a good idea to use two-factor-authentication, however, most methods I've heard of are essentially covered under SMS or a mobile app.  This inherently (and, I suppose, this is the purpose) ties an account to a phone number or a device.  Here's where my confusion begins:  I've read about markets on deep web, etc that offer 2FA, and that immediately brings a question to my mind:

Isn't the whole purpose of TOR browsing and the deep web staying anonymous?  How does one use 2FA and not tie to a phone number or a specific device?  Am I missing something basic here?
Jump to: