2-Factor-Confirmation

Ideas
#21

I'm not completely sure how to use authy or google with NEM other than it be added to the NCC. And even then, as it would just be a 2nd layer password on NCC.

I'm sure that would be a pretty easy feature for somebody to add to NCC though and it wouldn't hurt.

The other option is to make an alternate version NCC and alternate version mobile app that together worked like the authy does with websites.  That would be solid security feature that would make NEM very hard to compromise and be easy for people to use, but would require more serious coding.


I don't think adding another layer of authentication to NCC is as easy as you think.
The way I see it your password is used to encrypt the wallet when you create it and decrypt it everytime you open it. You can't really use an ever changing code for that. As a layer that just prevents you from entering NCC but has nothing todo with wallet decryption it doesn't make a whole lot of sense.
#22

Please do keep in mind that GFW(Government f**king Wall) made anything related to Google a real pain in the ass for all chinese.
We should try other way than just implementing with google app if this feature will ever have chinese users.


It's all open-source and there are quite a few libraries for almost any language so we don't have to use any 3rd party app.

This idea didn't take into account the NEM app implementing multi-sig though so it's not necessary to implement any of this. We'll have it as soon as the app supports the same multi-sig behaviour as NCC.
#23

smartphone bio identification to open the wallet + multisignature cosigners signing in a smartphone = superior 2fa than google auth and all in the blockchain. Maybe you guys should change the name of multisignature to “NEM authenticator” to target the mass haha :stuck_out_tongue:

Wouldn’t be great if you could upload your fingerprint to the NEM blockchain and tie it to a private key? Or even two different fingerprints tied to a private key. So in case i die my brother could easily have access to the funds because my fingerprint and his fingerprint are tied to all our private keys. So even if someone knows the private key of your cosigners accounts they still would need a bio identification to sign. Or facial recognition, voice captcha kind of like https://humaniq.co/ want to do.

Nowadays smartphones with fingerprint readers and camera are so common and getting cheap, there are 25$ smartphones, anyone can have bank grade security at their fingers, literally.