Two-Factor Authentication (2FA)

I support two-factor authentication. Yep--that's right, I'm nifty ain't I? :)

Most standard 2FA Authenticator applications will do.

Usage

  • Get a working Authenticator app.

  • You need to have a registered user account: !user register.

  • Generate a 2FA key: !2fa generate.

    • Configure your Authenticator with the provided QR code.

    • Verify it's working and enable 2FA: send me a PM with a working token. For example: !2fa 123456.

  • Any transaction above a user-configurable threshold will require additional 2FA authorisation. If you don't have a registered User account or haven't defined a threshold, it will be 0: all transactions will require 2FA.

    • Example: set a threshold of 10 EGC with !user set tfa_limit 10. Any operation of 10 EGC or more will then require 2FA.

  • Always use this trigger in a private message with me. Don't be that guy.

  • Authorize with the !2fa trigger:

!2fa 123456

Technical Mumbo-Jumbo

I'm using an implementation of TOTP (RFC 6238), the Authenticator standard, which is based on HOTP (RFC 4226), so the codes I work with are 100% compatible with all other Authenticator apps and services that use them.
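
How a six-digit token such as the one sent with !2fa is derived and checked under RFC 6238 and RFC 4226, as an added example in Python that is not fonzobot's own code. The function names, the clock-drift window and the replay check are assumptions of this example, and the key is the published RFC 6238 test key rather than anything the bot issues.

```python
import hashlib
import hmac
import struct

STEP = 30    # seconds per time step (RFC 6238 default)
DIGITS = 6   # token length, as in "!2fa 123456"

def hotp(key: bytes, counter: int) -> str:
    """RFC 4226: HMAC-SHA1 of the 8-byte counter, then dynamic truncation."""
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                      # low nibble selects 4 bytes
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** DIGITS).zfill(DIGITS)

def totp(key: bytes, now: int) -> str:
    """RFC 6238: HOTP with counter = floor(unix_time / STEP)."""
    return hotp(key, now // STEP)

def verify(key: bytes, token: str, now: int, last_used_step: int = -1, drift: int = 1):
    """Return the matched time step, or None when the token is rejected.

    Assumptions of this example: +/- `drift` steps of clock skew are
    tolerated, and a step at or before `last_used_step` is refused so a
    captured token cannot be replayed.
    """
    if not (token.isascii() and token.isdigit() and len(token) == DIGITS):
        return None
    current = now // STEP
    matched = None
    for step in range(max(0, current - drift), current + drift + 1):
        # compare_digest avoids leaking how many digits matched via timing
        if hmac.compare_digest(hotp(key, step), token) and step > last_used_step:
            matched = step
    return matched

# Constructed sample input: the published RFC 6238 SHA-1 test key.
RFC_KEY = b"12345678901234567890"

if __name__ == "__main__":
    print(totp(RFC_KEY, 59))                                # token for step 1
    print(verify(RFC_KEY, "287082", 59 + STEP))             # accepted one step late
    print(verify(RFC_KEY, "287082", 59, last_used_step=1))  # replay refused
```

A caller would store the step returned by verify and pass it back as last_used_step on the next attempt.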


Trigger Commands

!2fa <code>

Authenticate with <code>, the numerical token that your Authenticator app spits out.

  • On success, your session will be valid for a period of time.

  • For security, you cannot authenticate new tokens while you have an active session.

!2fa generate

Generate a new 2FA secret key.

  • If 2FA is enabled, you will need 2FA authentication to generate.

  • If your key is compromised, generate a new key and verify it straight away.

  • If you lose access, there may be nothing that can be done, but try contacting !support.

!2fa qr

Display your secret QR code. If you need to (re)add to an Authenticator app, use this command.

  • If 2FA is enabled, you will need 2FA authentication to run qr.
