Multisig 2FA bot (Beta)

in #multisig, last month (edited)

Our Multisig 2FA bot is now ready for Beta testing.
/!\ Always make sure you have your account's owner key available, to disable the 2FA if needed.

How it works

To use 2FA by validating One-Time-Passwords (OTP), you give a bot partial authority to sign for your account and keep partial authority over it yourself. The bot receives signature requests via Hive Multisig, signs them when the OTP is correct, then broadcasts the resulting transaction.
You can use the bot we provide or run your own.

2FA Setup

To set up 2FA, go to https://multisig.hive-keychain.com, log in, then navigate to 2FA (Beta).

On the next screen, the One-Time-Password secret is generated. Scan the QR Code and verify the code to go to the next page.

On the final setup page, you need to choose between the default configuration and a custom one. By default, the 2FA bot is @multisig-2fa (the account that verifies the OTP and decides whether or not to sign the transaction), and the weights and threshold are assigned automatically. If you want to use your own bot instead, or define different weights and threshold, use the custom tab.

When you validate your 2FA setup, the secret is encrypted and sent to the bot, and it will be able to verify transactions in the future.

You can then move to the transactions tab and try a transfer, for instance. The multisig account is automatically detected as a 2FA bot, and you will be asked for the OTP before broadcast. Note that this tab is just for testing purposes: we will shortly push a new Beta version of Keychain that automatically asks for OTPs on the Keychain side, so it will be directly compatible with any frontend that works with Keychain.

Using your own 2FA bot

You can also run your own 2FA bot to verify your OTPs.
On your own server, clone this open-source repository and follow the README to properly set up the environment.
We recommend creating a new account that will only be used for this purpose. This account's metadata will be automatically updated so that Hive Multisig, Keychain, and potentially other services recognize this account as a 2FA bot.

After setting up your server, go to the Hive Multisig frontend, and go through the process highlighted above.

On the Multisig 2FA Setup page, make sure you use the Custom tab and enter your own bot account instead of the default @multisig-2fa.

Enjoy!

Looking forward to receiving your feedback and iterating with you guys on our Discord server.
Read about the @keychain integration here.

Great! I understand that with the owner key one can eliminate the 2fa. That is, if access to the OTP is lost for some reason, is it always possible to recover your account? I have lost many accounts because the OTP stops working, and in the case of HIVE that would be very serious for any user.

Yes, we recommend using 2FA on the active authority since that is the one you would use in hot wallets to handle your transfers and such.
But the owner key has a superior authority so it would allow you to change back your active authority configuration, and should stay safely stored offline.

Thanks for responding. A question: how many accounts can be placed with multi-signature in the bot? Is it currently only intended for a single account, or can multiple accounts be used? Just thinking about countless possible applications and services that can be created with this tool.

Edit:
Okay, I already read the article in the link of the Github and my doubts were clarified. Great project.

I have bookmarked this post and will follow the steps shared to get this done. 2FA is a must-have these days, and thanks to you for bringing it to Hive.

You're welcome! Let us know how it goes!

Very cool! It's nice to see features like this being added to our accounts we have put so much time and energy into.

Glad you like it!

Multisig 2FA is definitely an added advantage and extra security, but I guess it's the bot that provides this functionality? I mean, Hive does not have it built in, right?

The Multisig capability of the blockchain is built-in.
But it is the bot indeed that validates the OTP and decides whether or not to sign the transaction.

Thanks for the awesome work! I know you’ve talked about it in your HF presentation. Great to see it in Beta; will check more about this and give it a test too.

Awesome! Please let us know how it goes!
Make sure you have your owner key on hand in case you need to remove the 2FA or use a test account first.

Thanks for the tip 👍

use a test account first.

Will do it this way.

Thanks for this incredible work that you are doing to make hive superb and safe. I will go through this and set up accordingly.

Great! Please give us some feedback on Discord after testing =)
Make sure you have your owner key on hand in case you need to remove the 2FA or use a test account first.

Saved these instructions for easy access in future. It sounds simple even for someone as a-technical as me :) Thank you!!

You're welcome!
Yeah, there is nothing too technical in there, the only thing is to properly understand how authority weights and thresholds work on Multisig.
Basically, a normal account has a single key with a weight and threshold set as 1 so it can sign and broadcast directly.
When using 2FA, your own key and the 2FA bot both have an authority weight of 1 and the threshold is set as 2. So it will need both signatures before being broadcast. And the bot will only sign if the OTP is correct. That's it.
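
The flow from "How it works" and the weights given in this reply (user key 1, bot 1, threshold 2), modeled as an added example that is not part of the original post or the bot's own code. The TOTP parameters (HMAC-SHA1, 30-second step, 6 digits), the one-step drift window, the replay check and the placeholder key name are assumptions; signers are tracked by name and no real signatures are produced.

```javascript
// Added illustration: a model of the 2FA flow, not the bot's actual code.
const crypto = require("crypto");

// Constructed sample secret (the RFC 6238 test-vector secret), raw bytes.
const DEMO_SECRET = Buffer.from("12345678901234567890");

// RFC 6238 TOTP (HMAC-SHA1, 6 digits) for one 30-second time step.
function totp(secret, step) {
  const counter = Buffer.alloc(8);
  counter.writeBigUInt64BE(BigInt(step));
  const mac = crypto.createHmac("sha1", secret).update(counter).digest();
  const off = mac[19] & 0x0f; // dynamic truncation (RFC 4226)
  const bin = mac.readUInt32BE(off) & 0x7fffffff;
  return String(bin % 1e6).padStart(6, "0");
}

// Accept the current step or `drift` steps either side, compared in
// constant time. Returns the matching step (for replay tracking) or null.
function verifyOtp(secret, otp, nowSec, drift = 1) {
  const now = Math.floor(nowSec / 30);
  const given = Buffer.from(String(otp));
  for (let s = Math.max(0, now - drift); s <= now + drift; s++) {
    const expected = Buffer.from(totp(secret, s));
    if (given.length === expected.length && crypto.timingSafeEqual(given, expected)) return s;
  }
  return null;
}

// Hive-style active authority: user key and bot each weigh 1, threshold 2.
const activeAuthority = {
  weight_threshold: 2,
  account_auths: [["multisig-2fa", 1]],
  key_auths: [["USER_ACTIVE_PUBLIC_KEY", 1]], // placeholder, not a real key
};

// Sum the weights of the parties that signed and compare to the threshold.
function meetsThreshold(authority, signers) {
  const entries = [...authority.account_auths, ...authority.key_auths];
  const weight = entries.filter(([id]) => signers.includes(id)).reduce((sum, [, w]) => sum + w, 0);
  return weight >= authority.weight_threshold;
}

// Bot side: add its signature only for a valid OTP from a step not used before.
function processRequest(request, secret, state, nowSec) {
  const step = verifyOtp(secret, request.otp, nowSec);
  if (step === null || step <= state.lastStep) return { broadcast: false, signers: request.signers };
  state.lastStep = step;
  const signers = [...request.signers, "multisig-2fa"];
  return { broadcast: meetsThreshold(activeAuthority, signers), signers };
}
```

With the user's signature alone the threshold of 2 is never met, so a stolen active key cannot broadcast without a fresh OTP; the owner authority sits outside this model and is what lets you reset the active authority.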

This is so amazing. I love the new development, thanks so much for sharing this, I will give it a try.

Thanks! Please do let us know how it went on Discord!
Make sure you have your owner key on hand in case you need to remove the 2FA or use a test account first.

That's great, thanks for making something good even better!

That's what we do ;)

Great news! Thanks

@tipu curate

Our pleasure!

That's great. It's good news

This system effectively strengthens transaction protection while remaining accessible. It will be interesting to see how it integrates with wallets and other platforms in the future !

How great!!

Good job my friend

Thanks to you and the team for building it on Hive Stoodkev. This 2FA is definitely about to add an extra layer of security and protect our assets better!

Friend, I appreciate your work, but I can't log in to Keychain on my Android. It is giving an issue with biometrics.

These additional security methods are going to look very attractive to the Whales. The best part is that some developers are going to find some interesting use cases with 2FA.

Hey man, appreciate your work. Not sure if this is the best spot to mention it, but my Keychain app on Android has been a little buggy for a few months now. When I input the active key (not posting) it doesn't accept it. So I haven't been able to do anything on it except Rising Star missions and Splinterlands battles. I miss being able to claim crops and other things where the active key is needed.

Anyways, thanks again man.

!PIZZA

Hi! When inputting the key, ensure there's no trailing space and that it's the PRIVATE active key. If it is still not being accepted, does it come with an error message?

It says it was added successfully, but it doesn't stick. Acts like I never put it in.

It did use to work, but after an update a few months back I can't get it to work. It accepts it, which is interesting, but it looks like it's still blank. Thanks for the response, by the way.