2FA: How to “harden” Greenery wallet with 2FA
Greenery is a cryptocurrency wallet with bookkeeping and accounting functionality for Web3 and DeFi. This article goes into how to further “harden” the wallet on top of the security measures we’ve built into it.
Hardening is an act of increasing the security of a software and/or device usually above the base level of security already built in. Think a lock on the front door of your building and then the lock to your apartment itself, or a lock box inside of a vault. In the context of Greenery, we do this through two factor authentication.
The general security measures taken in Greenery is that all account information is stored locally on the user’s machine using IndexedDB, a local database. All sensitive data such as seed phrases (Mnemonic/Seed Phrase), private keys, and secret keys are encrypted using the AES encryption algorithm that is used in the NTFS filesystem and Bitlocker partition encryption by Microsoft, Filevault partition encryption by Apple and LUKS used to create encrypted Linux partition volumes.
Please keep in mind that most cryptocurrency wallets do not support hardening with two factor authentication, Greenery has it “out of the box”. Ultimately despite all the security measures we put in place, it still on you, the end user, to do your part in securing your cryptocurrency. Some common sense measures include, but are not limited to:
Don’t share your computer with others
Be careful what you download
Be careful what websites you go-to
Be careful what dApps you connect to
Don’t share your Mnemonic phrase with anyone
Use complex, yet memorable passwords
Lastly, never send cryptocurrency to people you do not know or trust, especially if they have not provided a good or service for you that you are using
Multifactor authentication or two factor authentication is a security mechanism where after putting in a password, a further, secondary form of authentication is required to grant access. Multifactor Authentication comes in many types such as:
Fingerprint, Face, Authenticator, Email, SMS, USB FOB, NFC and even Bluetooth
In Greenery, for now, we support multi-factor authentication using the time-based one-time password (TOTP; specified in RFC 6238) and HMAC-based one-time password (HOTP; specified in RFC 4226), for authenticating user actions once enabled such as what is used in Google Authenticator.
To harden Greenery and enable two factor authentication, first have your Google Authenticator open on your phone.
Google Authenticator provides a one time password that resets roughly every 30 seconds, so make sure when you’re entering the code, you do it fast!
Open up Google Authenticator and scan the QRCode by pressing the “+” and selecting “Scan a QR Code”
After scanning the QRCode, Google Authenticator will add Greenery
Next is to enable 2FA in Greenery itself. Now that Greenery is added to your Google Authenticator, now enable it Greenery.
Once you click Enable “two factor authentication” in Greenery, you will be asked to put in your 2FA code. Once its accepted, the QRCode will disappear and you can enable other actions to be covered by 2FA.
Once you click the slider for “Login” it is activated. This prevents logging into Greenery without access to the one time password generated in the authenticator app on your phone. To deactivate, you have to put in the 2FA code first, once successful, slide into the “off” position.
The second aspect is Dashboard sending. This prevents sending cryptocurrency without a 2FA code. Click the slider next to it to put it in the “On” position. Now anytime you want to send currency, it will require you to put in your one time password from your authenticator application.
Hardening your wallet helps add a layer of protection that a simple password doesn’t provide.
This is one of many reasons Greenery should be the number one wallet choice for any cryptocurrency use.
You can get Greenery on Chocolatey (a package manager for Windows) and Snapcraft (A package manager for Linux). To help us better craft the best experience for our users, please consider joining our beta testing programme.
Best,
CEO of Greenfire, where we aim to build products the bridge the cryptocurrency ecosystem with the real world