Our Multisig 2fa bot is now ready for Beta testing.
/!\ Always make sure you have your account's owner key available, to disable the 2FA if needed.
How it works
To use 2FA by validating One-Time-Passwords (OTP), you give partial authority to a bot to sign for your account, and also keep partial authority over it. The bot will receive signature requests via Hive Multisig and will sign them when the OTP is correct, then broadcast the resulting transaction.
You can use the bot we provide or run your own.
2FA Setup
To setup 2FA, go to https://multisig.hive-keychain.com , login, then navigate to 2FA (Beta)
.
On the next screen, the One-Time-Password secret is generated. Scan the QR Code and verify the code to go to the next page.
On the final setup page, you need to choose between the default configuration and a custom one. By default, the 2FA bot is @multisig-2fa (the account verifying the OTP and deciding whether to sign or not the transaction) and the weight and thresholds are automatically attributed. If you want to use your own bot instead or define different weights and threshold, use the custom tab.
When you validate your 2FA setup, the secret is encrypted and sent to the bot, and it will be able to verify transactions in the future.
You can then move to the transactions tab and try a transfer, for instance, the multisig account is automatically detected as a 2FA bot and you will be asked for the OTP before broadcast. Note this tab is just for tests purposes, we will push a new version of Keychain in Beta shortly, that will automatically ask for OTPs on Keychain side, so it will be directly compatible with any frontend that works with Keychain.
Using your own 2FA bot
You can also run your own 2FA bot to verify your OTPs.
On your own server, clone this opensource repository and follow the README to properly set up the environment.
We recommend creating a new account that will only be used for this purpose. This account's metadata will be automatically updated so that Hive Multisig, Keychain, and potentially other services recognize this account as a 2FA bot.
After setting up your server, go to the Hive Multisig frontend, and go through the process highlighted above.
On the Multisig 2FA Setup
page, make sure you use the Custom
tab and enter your own bot account instead of the default @multisig-2fa.
Enjoy!
Looking forward to receiving your feedback and iterating with you guys on our Discord server.
Expect another post from @keychain on our 2FA integration on Keychain later today.