ScaredyCatGuide to Bitcoin and Other Cryptocurrency – Part VI – Two Factor Authentication and Passphrases

In the last post we learned what wallet addresses are and the importance of private keys. Now we will take the next step in securing our bitcoin and discuss two factor authentication (2FA) and passphrases.


This post is part of a running series on bitcoin and blockchain basics

Find previous posts here:

Part V – Wallet Addresses and Keys

Part IV – Bitcoin Wallets

Part III – Buying & Selling Bitcoin


Two Factor Authentication (2FA)

Two factor authentication, or two step authentication, is a process that makes you prove your identity twice.

We already use two factor authentication in everyday life and may not even realize it. Whenever you use your debit card and put in a pin number, that is two factor. Your debit card is the first and then entering your pin is the second.

There are three types of authentication that can be used as part of this:

  • Something you have, like your phone or a card
  • Something you have to know, such as a password, code or pin
  • Something you are, such as a finger print for instance.

Example

The best thing that 2FA offers us is protection if someone gets a hold of your username and password. We have seen exchanges get hacked and information exposed.

However, if you have 2FA enabled nothing can be accessed with just a username and password. Your password is just one step, they need the second which would be your 2FA code, etc.

Application of 2FA

We see 2FA used and paired most with mobile devices. There are several ways to do this, but the most common is using the google authenticator app.

For instance, you would log into the exchange you want to protect, scan the QR code they provide with you phone’s camera and then use that code to link your authentication details to that device.

Going forward, every time you open google authenticator it generates a new 2FA code for your account, which remains valid for a short while before it expires and you need to generate a new one.

It does make for some good security, the down side is you need to have that device on you any time you want to access that account and if you lose your phone you also have lost your 2FA credentials.

2FA can also be setup using SMS verification, meaning you get texted a code to input each time you login. This does shed the worry of losing your phone, but you must have cell service to receive the text of course.

Passphrases to Encrypt your Wallet

Another way to protect your bitcoin, particularly if you have it in a software wallet, is to encrypt it with a passphrase.

By creating a passphrase you essentially lock your bitcoin from being spent. So even if someone gains access to your computer or device that your wallet is on, they cannot do anything with the funds without the passphrase as well.

When you download a bitcoin wallet onto your device it creates a wallet.dat file that holds the information showing digital ownership to your bitcoin. That information isn’t protected, so if someone gets access to your device they could take your bitcoin, this is why a passphrase is important.

I suggest creating a passphrase for any wallet on your device. It should be a word or phrase that you can remember and preferably contain some numbers and special characters. You will have to enter this passphrase each time you access the wallet so be sure not to lose or forget it.


In the next post we will discuss Bitcoin transaction confirmations


steemittags.JPG

Best Regards,
600x150EmailHeader.jpg

Disclaimer: All content in this post is my opinion and for informational purposes only

Sort:  

KeepassX to remember and make strong passwords. i was also thinking that it might be a good idea to have an extra email you give to exchanges, that is not you google.com 2fa account.
So if the hacker gets in on your phone and try to reset your passwords. Then the reset is not sent to the google account. :)

Great post for someone like me that can use straight advice on bitcoin.

Glad it can help!

Great news sir! Thanks for information

Thanks, my pleasure!

I agree with 2FA, if you've never tried it, you should learn how it works before needing it one day and not having it in place.

Nothing worse than having a lot of value somewhere, and because you never bothered to learn how 2FA works, it gets stolen one day.

Agreed, there is a reason better safe than sorry is a saying :-)

2fa can be pain, especially if you loss a device, but a worthwhile inconvenience, being hacked is a pain also.

hehe...yes being hacked is much more painful.

simplyvitalhealth

The ferfect PreToken Sale Upcomming: Indahash Pre-ICO stage 1 start in nov 8 2017 - Nov 15 2017.Hurry Up!

Rigister this to get 40% off https://r.indahash.com/participate/1233.html

More detail about bounty program: https://steemit.com/bounty/@momandbaby/ico-review-indahash-the-award-winning-app-which-connects-over-300-000-influencers-from-70-markets-with-global-brands-introduces

Thanks, very usefull info!)))