Two-factor authentication and why we need it now!!

domavila (57)in #steemit • 8 years ago

I am surprised steemit doesn't have two-factor authentication or 2FA. I am a forex, bitcoin and crypto trader and I do not keep my currency on any exchange unless they have 2FA. For those who are new to the digital space here is a link explaining 2FA. https://en.wikipedia.org/wiki/Two-factor_authentication.

In January I was hacked and got 500 ether stolen from me, at the time the exchange Kraken offered 2FA but since 500 eth was a small amount for me I procrastinated and did not set up the proper 2FA security measures. Needless to say I was hacked and lost all my ether, now every site or app that allows 2FA I use from gmail, bank accounts and of course the several bitcoin and crypto exchanges I trade on. I highly recommend implementing this on steemit, through my experience and several years in the crypto space one thing is certain and that is hackers exist and they wont stop trying to hack into platforms such as steemit.

Personally I use the Authy app for 2FA because I use my thumbprint to open the application which provides an additional level of security and I can also use Authy on multiple devices in case I loose or break my phone.
Remember security is of the utmost importance in this digital era. Stay safe and protected fellow steamers!!

#security

8 years ago in #steemit by domavila (57)

$0.36

Sort:

Trending

[-]

arhag (67) 8 years ago

Two-factor authentication (via a multisig service provider) would be great for active and posting authorities. There could be all kinds of custom rules the provider could follow to have a sensible trade-off between security and convenience, for example:

Require the Time-based One-time Password (TOTP) to authorize every single transfer of funds to an account not on a user-selected whitelist.
Require TOTP to authorize a transfer to an account on the whitelist, unless there was already a valid TOTP authorization made in the last hour.
Require TOTP and an email verification (which also lists and asks you to verify transactions in the past day or so) if the value of funds transferred to other accounts (whether on whitelist or not) within a sliding 4 hour window (or other specified window length) exceeds some user-specified threshold.
Do not require TOTP for new posts or comments or for new upvotes or downvotes for user-convenience, but do require TOTP authorization for changing existing up or down votes, or for editing content of an existing post/comment that is more than 1 hour old.
Require TOTP authorization for placing new market orders if the amount placed in the new order plus the amount already filled for the account in a sliding time window exceeds a user-specified threshold.
And many many more possibilities and variations...

$1.50

8 votes

[-]

condra (67) 8 years ago

This exactly. I think they need to realise that some users have a great deal at stake.

$0.00

[-]

tombstone (63) 8 years ago

Actually, I think they realize this more than anyone.

$0.00

1 vote

[-]

grape (42) 8 years ago

I agree. Two-factor authentication is essential.

For other coins, such Bitcoin or Ether, you can distribute your coins across many accounts, to reduce risk. But you'd better keep all your Steem in one account, to make upvoting most effective.

This makes Steem need two-factor authentication more than other coins.

$0.09

2 votes

[-]