2FA on Evolution

fible1

Well-known Member
Dash Core Team
Masternode Owner/Operator
May 11, 2014
Does anyone know how Evolution will secure account access? I'm still working my way through the White Papers, but this was the first thing that popped into my mind when reading about the new system. Will there be some form of 2FA?

Thanks,
Pablo.
 

TroyDASH

Well-known Member
Jul 31, 2015
I would guess that a 3rd-tier service could implement its own 2FA if they wanted to, but I can't think of any way that could be built into the protocol.
 

stan.distortion

Well-known Member
Oct 30, 2014
TroyDASH said:
> I would guess that a 3rd-tier service could implement its own 2FA if they wanted to but I can't think of any way that could be built into the protocol.

Would user primitives on DashDrive allow an encrypted 2FA key as a field and the required passcode to be generated without decrypting it? I couldn't see how it could be done in a purely p2p network, but with the second tier giving some of the benefits of centralisation I'd imagine it's possible.
 

fible1

It's otherwise more insecure than the current private/public key system then isn't it? Or am I missing something? I get the feeling I am misunderstanding the UI part of the new implementation.

Pablo.
 

stan.distortion

fible1 said:
> It's otherwise more insecure than the current private/public key system then isn't it? Or am I missing something? I get the feeling I am misunderstanding the UI part of the new implementation.
>
> Pablo.

Read through a bit more today and 2FA is mentioned in some of the docs in the documentation on GitHub:
https://github.com/evan82/dash/blob/master/dash-docs/objects/account.md
(In objects > end user, and I think I came across it somewhere else.) Also, KeePass is supposed to take the place of 2FA to some degree, but I'm not familiar with it so no idea how.

I'm not sure if it can be more secure tbh. The problem I'd always imagined with 2FA on a p2p network was the network being able to validate the hidden seed for the passcode generation without that seed being visible to the network, but I don't know enough about crypto to know if that's relevant. If it is, then having what amounts to a single system built on top of a decentralised network should be a step towards overcoming it.

What probably matters more though is having 2 devices. I mostly use it when accessing services with the PC, and in that case the phone is the second device, but smartphone wallets mean needing a second portable device in addition to the phone to use 2FA. Something for that could probably be built into a flexible wristband or ring easily enough for convenience, but actually getting folks to use it isn't an easy task. Tbh I'd have more hope for biometrics for both private key generation and unlocking than 2FA going mainstream, but who knows, the world might suddenly become security-aware :/
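
Added example (not part of the thread and not Dash or Evolution code): the seed-visibility problem raised above, shown with standard TOTP (RFC 6238), assuming that is the kind of 2FA meant. TOTP is symmetric, so whoever checks a passcode has to recompute it from the cleartext seed; the SHA-256 "public record" is a constructed stand-in for any stored form that hides the seed.

```python
import hashlib
import hmac
import struct

def totp(seed: bytes, unix_time: int, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP with HMAC-SHA1 (dynamic truncation from RFC 4226)."""
    counter = struct.pack(">Q", unix_time // step)
    mac = hmac.new(seed, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def verify(seed: bytes, code: str, unix_time: int,
           drift_steps: int = 1, step: int = 30) -> bool:
    """Accept a code from the current time step or +/- drift_steps steps.

    The verifier recomputes the code, so it must hold the seed itself.
    """
    ok = False
    for d in range(-drift_steps, drift_steps + 1):
        t = unix_time + d * step
        if t < 0:
            continue
        # Constant-time comparison; keep looping so timing does not leak the step.
        ok |= hmac.compare_digest(totp(seed, t, step, len(code)), code)
    return ok

# Constructed sample values: the seed is the RFC 6238 test key, not a Dash value.
SEED = b"12345678901234567890"
NOW = 59
USER_CODE = totp(SEED, NOW, digits=8)   # what the user's second device displays

# A verifier holding the cleartext seed (e.g. a single trusted service) can check it.
HOLDER_ACCEPTS = verify(SEED, USER_CODE, NOW)

# A node that stores only a derived form of the seed cannot recompute the code,
# so it cannot validate the passcode without the seed being revealed to it.
PUBLIC_RECORD = hashlib.sha256(SEED).digest()
NETWORK_ACCEPTS = verify(PUBLIC_RECORD, USER_CODE, NOW)

if __name__ == "__main__":
    print(USER_CODE, HOLDER_ACCEPTS, NETWORK_ACCEPTS)
```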