Author

Topic: Two Factor Authentication - 2FA (Read 505 times)

member
Activity: 296
Merit: 10
April 19, 2018, 12:20:09 PM
#21
2fa is the most secured way to prevent hackers from stealing your coins,it is required to use 2fa when you have account on exchanges.
I put it whenever and wherever I can because it is one of the safest ways to protect your account from intruders
hero member
Activity: 1008
Merit: 500
March 08, 2018, 07:02:30 AM
#20
2fa is the most secured way to prevent hackers from stealing your coins,it is required to use 2fa when you have account on exchanges.
newbie
Activity: 23
Merit: 0
March 07, 2018, 10:31:21 PM
#19
In another forum i posted some information and useful links regarding 2FA:
http://thecryptocrow.com/showthread.php?118-2FA-2-Factor-Authentication

(if i'm not allowed posting external links, let me know, i read the bitcointalk rules but didn't see any particular rule about this).
MP4
member
Activity: 84
Merit: 10
December 10, 2017, 05:52:26 PM
#18
it is important to have 2FA for second security. I prefer to take google auth, but even if you have it, be carefull with everything
newbie
Activity: 700
Merit: 0
December 10, 2017, 03:24:10 PM
#17
These days very important 2 Factor Authentication for our accounts. It will secure our accounts from unauthorized login. Very effective guide. Thank you.
newbie
Activity: 37
Merit: 0
December 10, 2017, 06:04:56 AM
#16
Good guide bro. It's nice to see you helping others. I'm new to cryto and definitely going to implement 2FA into all my exchanges and email accounts.
member
Activity: 129
Merit: 10
December 10, 2017, 05:12:16 AM
#15
Yes, I do use 2FA for my online accounts and since there is a possibility of losing the device or damaging it, I also have back up codes to deal with such situation. However, I believe that even 2FA wouldn't help us in case of the data compromisation from the server side and hence I have rarely maintained more than 20% funds online. 2FA really helps to protect the account but changing primary passwords more often should be a regular practice.

Absolutely, there is no way to protect yourself from that other than keeping thw majority of your holdings off the exchanges.
hero member
Activity: 1190
Merit: 534
December 07, 2017, 11:05:53 AM
#14
Yes, I do use 2FA for my online accounts and since there is a possibility of losing the device or damaging it, I also have back up codes to deal with such situation. However, I believe that even 2FA wouldn't help us in case of the data compromisation from the server side and hence I have rarely maintained more than 20% funds online. 2FA really helps to protect the account but changing primary passwords more often should be a regular practice.
member
Activity: 296
Merit: 10
December 07, 2017, 10:56:17 AM
#13
Quote
If you are holding big amount of money that you dont want to lose, then yes you must use it. but again learn how to use it and how to recover it if you lose your phone.
That's why you need to backup your phone so you can recover it from backup Cheesy
member
Activity: 129
Merit: 10
December 06, 2017, 04:42:56 PM
#12
I have this notification in poloniex but I'm not sure whether I need it or not.

If you are holding big amount of money that you dont want to lose, then yes you must use it. but again learn how to use it and how to recover it if you lose your phone.
member
Activity: 154
Merit: 10
December 06, 2017, 04:20:31 PM
#11
The idea behind Two Factor Authentication is:
- you know something: your password
- you have something: the 2FA code generated by your app

Let's say you go to an internet cafe (they still exist right?). You go to a website and you enter your password. Unfortunately the owner of the cafe has a keylogger installed on all the computers and he is tracking the keys that you've typed in. Now he has access to your account.

If you had 2FA on he would have been able to do step 1 (your password), but wouldn't be able to login because he doesn't have your 2FA code.

I would enable it where-ever you can, especially on things like email. Because most sites use your email for password resets.
member
Activity: 129
Merit: 10
December 06, 2017, 03:59:07 PM
#10
Two factor Authentication is mostly again online threats and hackers, if youre in situation someone may look at your phone and steal passwords then you should choose people youre hanging with more carefully Cheesy

LOL it can happen and you can prevent that easily. for example some exchanges give you the option to put 2FA on withdraw or even on sell orders. so he will have to get the code more than once.
member
Activity: 296
Merit: 10
December 06, 2017, 10:28:08 AM
#9
Two factor Authentication is mostly again online threats and hackers, if youre in situation someone may look at your phone and steal passwords then you should choose people youre hanging with more carefully Cheesy
member
Activity: 129
Merit: 10
December 06, 2017, 05:44:34 AM
#8
Two factor Authentication is useless without a strong password to your phone or carefully keeping your phone out of reach of people who can access your account.

Well if you lose your phone, you have the recovery codes saved one the side, if you are fast enough to get smartphone from someone you can save yourself.

There is always way to get hit, but it does help a lot from online attacks
member
Activity: 294
Merit: 10
www.daxico.com
December 06, 2017, 04:31:11 AM
#7
Two factor Authentication is useless without a strong password to your phone or carefully keeping your phone out of reach of people who can access your account.
member
Activity: 434
Merit: 10
December 06, 2017, 03:11:12 AM
#6
I have this notification in poloniex but I'm not sure whether I need it or not.
member
Activity: 129
Merit: 10
December 06, 2017, 02:55:15 AM
#5
Why even bother to use Google Authenticator? You can download a open source 2FA app such as andOTP[1] that has the option to backup and restore 2FA codes. Then, you can just set up your 2FA and upload an encrypted backup to any free cloud provider you want. Never losing access to your accounts again.

[1] https://play.google.com/store/apps/details?id=org.shadowice.flocke.andotp&hl=pt_BR


That is also an option. Never used that so I can't guide someone less
legendary
Activity: 2758
Merit: 6830
December 05, 2017, 08:44:30 PM
#4
Why even bother to use Google Authenticator? You can download a open source 2FA app such as andOTP[1] that has the option to backup and restore 2FA codes. Then, you can just set up your 2FA and upload an encrypted backup to any free cloud provider you want. Never losing access to your accounts again.

[1] https://play.google.com/store/apps/details?id=org.shadowice.flocke.andotp&hl=pt_BR
member
Activity: 132
Merit: 11
December 05, 2017, 05:13:24 PM
#3
Good guide mate. It's nice to see people helping others off their own back - good on you.

I factory reset my android phone a few months back in a hurry and wrongly assumed my 2FA codes would be backed up to Google and reinstall on the other side. Let's just say I was wrong. Took me up to a month to get access to all my exchanges.

Everyone, take 2FA seriously - back that stuff up!

Good luck.

-Knightly.
legendary
Activity: 2240
Merit: 3150
₿uy / $ell ..oeleo ;(
December 05, 2017, 05:07:07 PM
#2
I have been through this before, I lost my phone and I had no backup codes for the google authenticator. I manage to recover all my accounts back but it took around 2 weeks to get all back. You need to prove that you are the owner of the account.
member
Activity: 129
Merit: 10
December 05, 2017, 04:34:00 PM
#1
It's not easy to lose your funds, and a lot of people are trying to secure their funds, so I decided to write simple guide hopefully will be useful for people.

1. Any exchange has almost 2FA, to activate it go to settings, look for security and you should find it there
2. Before activating, make sure you download the google authenticator on your smartphone
3. When you are about to activate it, you will see on the screen barcode and above/near it also recovery code (Copy that code on piece of paper, make 2-3 copies and keep them safe)
4. Open your google authenticator app, click on + , you will see two options, scan barcode and enter a provided key (that's the code I mentioned in section
    3, you will need it in the future)
5. Click scan barcode and scan the barcode you have on the exchange, then you will see on the app name of the exchange and 6 digits code that changes every 30 seconds, put the code on the exchange and confirm.
Now your account on the exchange is secured by another layer.
6. Each time you will log in the exchange you will be asked to put the code from the google authenticator app, so if anyone has your email and password he can not login .... (not yet, he still can somehow, will explain)
7. What about you gmail account? now you should also secure that part, on gmail hit the circle with you photo and click on my account
8. Or simply follow the instruction by google: https://support.google.com/accounts/answer/185839?hl=en
9. After activate your 2FA on google, make sure you backup your 2fa for gmail and get 10 codes to have the ability to login to your gmail if you lose your phone
10. now what if you lose your phone?
in the case of the exchange: you got the recovery code, you just need new phone, download the google authenticator app and add the recovery code and again you will have the  digits codes on your new phone
11. For your gmail, if you did backup, you can use one of the 10 codes you got, dont save them on your laptop write them down, login then you can disable the 2FA from gmail and reactivate it.
Or if you printed out the barcode that's also an option, I would not prefer that as you might leave it behind on your laptop, same thing you can do with the barcode you see on the exchange, you can print it out and use it as recovery instead of the code mentioned in section 3.

Why you should also secure your email although you have 2FA on the exchange?
Because if you are victim of phishing website or someone put keylogger on you PC he can take your email and password, login you email, change your password and lock you our.
He will try to rest your password from the exchange and you have no way to do anything almost, if he has more information about you and the exchange give him the opportunity to disable the 2FA you lost your funds
Jump to: