2.3 Two-Factor Authentication

Section 2.2 (previous) Types of Bitcoin Wallet

Section 2.4 (next) Set Up a Bitcoin Wallet

In today’s age of cyberthreat and identity theft and online fraud, two-factor authentication has become increasingly compulsory in safeguarding online wallets and bank accounts from unauthorised access.

Two-factor authentication is also used by some to maintain the security of email accounts. With bitcoin and cryptocurrencies where funds and assets of monetary value are involved, 2FA becomes almost mandatory.

In this section, we explore what two-factor authentication is and how it works, so that we may apply it during the setting up of a bitcoin wallet in the next section.

What is 2FA?

• Two-factor authentication or 2FA, is an additional layer of security that requires more than just a username and password or PIN for access to an account.
• The 2FA is thus an additional piece of data that is available only to the account owner through a device (usually a smartphone) that he or she holds.
• You may already be familiar with or may even have used 2FA in your current internet banking and credit card usage online. For internet banking in most countries, to approve an online fund transfer, the bank sends a 6-digit code to your phone via SMS, which you will key in in order to proceed with the transaction.
• This code is only sent to your phone and contact number, which only you would own. Similarly, for credit card purchases online, the card-issuing bank’s payment gateway would send a series of digits to your phone via SMS, which you will key in to approve the transaction.
• To understand 2FA, consider the following factors of personal nature:
  1. What You Know: your password, your PIN, your secret phrase etc.
  2. What You Own: your smartphone, your hardware key, your access card etc.
  3. What You Were Born With: your face, your thumbprint, your eyes, your voice etc
• 2FA typically relies on a combination of any of the two factors above for identity verification in order to access a secure account.
• By requiring more than just one factor, it makes it significantly harder for a hacker to gain unauthorised access, e.g. the hacker may have your password but he would most likely not have your smartphone. Or he may have your smartphone, but not your face. Yes, Face ID on your iPhone is a form of 2FA!
• A variety of 2FA methods is available in the world today, including a USB drive such as the YubiKey and a hardware token.
 



The YubiKey is a hardware authentication device that supports one-time passwords, public-key encryption and authentication, and FIDO2 protocols.
 
• In this section, we will consider cost-free random number generator apps that run on your smartphone to secure your bitcoin wallet and exchange accounts.
• The two popular 2FA apps commonly used in cryptocurrency space are:
  1. Google Authenticator
  2. Authy 2-Factor Authentication
• You may install either or both of these apps. Note that any wallet or exchange account will work with only one app at a time. Some exchanges will only use Authy and not Google Authenticator, so install the appropriate one as and when it is needed.
• See the headings below to download and learn how to use these apps.
  Both apps work on your smartphones and have their advantages and disadvantages, which will not be discussed here as features change rapidly in technology space and by the time you read this, a disadvantage may no longer be relevant through upgrades and improvements. You may want to visit the respective official sites for these two apps given at the end of this article to learn about their latest changes and more recent features.

Google Authenticator

App Name: Google Authenticator
Developer: Google LLC

 

If you’re reading this on your computer, search for Google Authenticator on your smartphone’s App Store | Google Play. Verify that it matches the developer name stated above.

If you’re reading this on your smartphone, click below to download and install Google Authenticator directly from the App Store (iOS) or Google Play (Android) on your smartphone:

1. Launch the Google Authenticator app on your smartphone. Google Authenticator is linked to your Google account by default. Go through the brief on-screen tutorial.
2. Click on BEGIN.
   

   NOTE: The steps hereafter will only work in an actual case, i.e. you will need to scan a barcode or QR code. You may continue as a mock run for now, but as you set up and secure your wallet and account in future modules, you may return here to refer to the steps again.

3. Under Add an Account, click on Scan a Barcode.
4. A crosshair window appears. Move your phone to position the QR code within this crosshair window. The QR code will be scanned almost immediately.
5. A 6-digit number will be displayed, which remains valid for 30 seconds. The countdown of this 30 seconds is indicated by the timer on the far right of the digits. After 30 seconds, a new 6-digit number is displayed.
 



A 6-digit code appear for each account in Google Authenticator with the remaining time of expiry shown as a diminishing pie on the right side.
 
6. Type the 6-digit number into your account field and proceed. This will link your account to Google Authenticator. If the number changes while you’re typing it in, type in the new number instead. Hit Enter or OK to proceed before the next 30 seconds is up.
7. A new 6-digit number will be displayed for 30 seconds each time, which will be your 2FA password when you’re logging into your wallet or account on your computer in the future.
8. Once the number has changed after 30 seconds, if you have not logged into your account by then, you will need to key in the next 6-digit number as it appears on the screen.
9. You may add more than one account to the app for 2FA protection. A different 6-digit number is provided for each protected wallet or account.
10. The linked account is shown for each number, usually identified by username or email address. You may edit this identifier by tapping and holding on the row and clicking on the pencil icon at the top of the screen.

Authy 2-Factor Authentication

App Name: Authy 2-Factor Authentication
Developer: Authy

 

If you’re reading this on your computer, search for Authy 2-Factor Authentication on your smartphone’s App Store | Google Play. Verify that it matches the developer name stated above.

If you’re reading this on your smartphone, click below to download and install Authy 2-Factor Authentication directly from the App Store (iOS) or Google Play (Android) on your smartphone:

1. Launch the Authy 2-Factor Authentication app on your smartphone.
2. Go to Menu > Add Account.
   

   NOTE: The steps hereafter will only work in an actual case, i.e. you will need to scan a barcode or QR code. You may continue as a mock run for now, but as you set up and secure your wallet and account in future modules, you may return here to refer to the steps again.

3. Click on SCAN QR CODE. If no QR code is available or if a key is provided by the account you are securing, you may choose ENTER KEY MANUALLY.
4. A camera window appears. Move your phone to position the QR code within this window. The QR code will be scanned almost immediately.
5. A 6-digit number will be displayed, which remains valid for 30 seconds. The countdown of this 30 seconds is indicated by the timer below the digits. After 30 seconds, a new 6-digit number is displayed.



A 6-digit code appear for the selected account in Authy with the remaining time of expiry shown below the code and a selection of other accounts on the bottom row.
 
6. Type the 6-digit number into your account field and proceed. This will link your account to Google Authenticator. If the number changes while you’re typing it in, type in the new number instead. Hit Enter or OK to proceed before the next 30 seconds is up.
7. A new 6-digit number will be displayed for 30 seconds each time, which will be your 2FA password when you’re logging into your wallet or account on your computer in the future.
8. Once the number has changed after 30 seconds, if you have not logged into your account by then, you will need to key in the next 6-digit number as it appears on the screen.
9. You may add more than one account to the app for 2FA protection. A different 6-digit number is provided for each protected wallet or account.
10. The linked account is shown for each number, usually identified by username or email address. You may edit this identifier by tapping and holding on the row and clicking on the pencil icon at the top of the screen.

In this section, we learned how two-factor authentication works in safeguarding your wallets and accounts and protecting your funds from unauthorised access. Make sure to install one or both 2FA apps above before progressing further. If not, you may have to return to this page to do this later on, which could disrupt the flow of instruction in the following chapters.

Let’s take what we have learned here and apply it in the next section 2.3 Set Up a Bitcoin Wallet to create a safe and secure bitcoin wallet.

Section 2.2 (previous) Types of Bitcoin Wallet

Section 2.4 (next) Set Up a Bitcoin Wallet