Two-factor authorization for wallets?
After reading this thread where someone's wallet was hacked for 9k coins, I was thinking..
It seems the easiest way to prevent these things (easier than say: creating the wallet on a clean install of linux with a disconnected computer, securely backing up the wallets to a few USB's (encrypted of course) and paper wallets, and then doing a miltary-grade wipe of the hard drive) would be to create some sort of two factor authorization system. You would need both your passphrase and another distinctly separate form of interaction with the wallet in order to access the unencrypted keys and sign a transaction. That last bit is the tricky part, as it is a desktop app not a web service, so stuff like google Authenticator doesn't apply, especially since the desktop is compromised in the situation where this is relevant.
I'm not sure how feasible it is, but I think something like this would help so much with allowing people to more easily securely store their coins. Thoughts? Any ideas on the best way this could be done?
See the original post: