Wallet Initial Transactions 2 Factor Request Vote


#1

I want to request that Tezos make their wallets have 2 factor authentication or a delayed confirmation via email before allowing tezzies to be moved to a different wallet after the launch of the beta net or main-net.

I lost 300 Ethereum in the past and if a second verification had of been in place to safeguard contributors it would not have happened. With so much time having passed between the ICO and the launch, and so much media attention hackers and scum bags will be on the rampage trying to compromise people’s systems to get their private keys. I already see some dodgey peeps asking about moving tezzies to new wallets in chats.

If for the first transactions on any wallet a confirmation was sent to the email used by the contributor it would make add an extra layer of security for contributors.

It would not be hard for people to compromise the systems of contributors given they have had so much time. Hackers have had plenty of time to infiltrate, and manipulate contributors, jeez they are not hard to find, just frequent all the chats and strike up conversations. Friendships etc, then they send links to keyloggers etc.

Tezos have the opportunity to fix the mistakes of the paste in its launch and prevent anyone from losing their tezzies, I for one would appreciate that extra layer of security.

For the first transaction or any transaction in a tezos wallet an confirmation email should be sent. Who agrees ?

Can we put it to a vote or something?


#2

Your idea fails at the point “sent to the email used”, because this email is just cryptographic salt and cannot be retrieved. It is stored nowhere.


#3

Each Person who contributed had to pre-register prior to the ICO did they not ?
For AML and KYC Purposes, I just mean possibly delayed withdrawals with an alert to the users registered email use for pre ico registration, so they can confirm it was them and it not cancel the transaction.


#4

No. Registration is a central thing. You are in a decentralized world now. No one is registered.


#5

I understand and agree with the spirit of the decentralized world but adding an extra layer of security won’t be a bad idea. I don’t know how, as @pearsed suggested, maybe 2 factor authentication like it is implemented by some crypto exchanges


#6

I agree with the need for security. I just wanted to point out that it can not be implemented after the Fundraiser now. The current level of your key security is cast in stone.


#7

I have not a single Tezos, so I am talking only theoritically.
Email or not email, I am not affected by this policy.
But I do not agree, Email is not safe. You should not use it.
They are using email as a mean to invade your privacy.
You should only use a private key.
And if you want a 2 factor authentication, then use a second private key.


#8

I agree with the need for 2fa security actively.