Conversation

2) NOT SECURITY ADVICE

3) The first question you should ask yourself is: "how sad would I be to lose these funds?" Spend as much attention as makes sense given the cost a) "lol who cares": username/password, stick in password manager; or log in with google/etc.; whatever.

4) b) "eh I'd rather not but I'd be ok": username + secure password, ideally + 2FA but not the end of the world. Use a secure password and a password manager. c) "I'd live but that would really suck": username + secure password in password manager; authenticator 2FA

5) d) "that would be really fucking bad": username + secure password + authenticator 2FA, plus all the fixin's: --IP whitelisting --withdrawal address whitelisting --separate withdrawal password --whatever else is available Yubikey can replace authenticator for 2FA

6) and for all of the above: Above all, MAKE SURE TO SECURE YOUR EMAIL ACCOUNT. No matter what else you do, if someone gets into your email they'll often be able to get anything. SMS 2FA is generally bad: coverage is spotty and some countries make it trivial to sim swap.

7) Ok, but how about ledgers/other physical security? a) if the amount at stake is HUGE then these make sense (think 8-10 figures) b) if you really like them, then go for it the operative things here: --it's hard to not lose them --they're more secure

8) so the question, really, is: how hard is it to break through version (d) above? It's really hard, and most approaches just circumvent these entirely. E.g. get into email and reset everthing.

9) But there are some that don't: there are some attacks that only physical security can prevent. Those are *really* hard and only happen if there's a ton at stake, because that's when they become economical. That's when the gains outweigh the chance of losing the ledger.

3:10 AM · Oct 25, 2020Twitter Web App

10) Or, if it's what feels natural to you and what you'll do a good job maintaining. Some other random notes: a) what's up with 2FA instead of just a 2nd password? Basically: you only pass a hash of your true 2nd password, so intercepting it doesn't give permanent access.

Replying to

11) b) no matter what you do, the most likely failure scenario is that you let your friend use your account and they take the money. Seriously. Most FTX account breaches aren't insecure passwords: A let B use their account and then B took the funds.

12) Also, phishing is real. Don't get phished. The real defenses against this: a) use a password manager that warns if the URL doesn't match b) be on the lookout for things that look weird. If anything seems off, check to confirm.