I have seen some people mention that their tokens have been stolen from their wallets, I dont know how, but I think adding a 2 step verification would help with the security of every wallet.
I dont have any knowledge regarding how this is done but I hope someone takes it into consideration. Thank you for reading!!
Hi @andre17,
The team has considered this over the years (it is a common request). The issue is, this may increase your security in some scenarios but definitely not in others, and may lead users to think they are safe by simply having 2fa enabled.
MetaMask is a non-custodial wallet, so say 2FA was added, and you enabled it. You then go to a site and enter your seed phrase (maybe you think it’s the real MetaMask asking you when in fact it’s a phishing site). 2FA will NOT help you in this case.
2FA may help with locally compromised machines, but even so, you could enable 1 minute auto-lockout timer on your vault under settings to increase the security, and also use a long and complex password to make it difficult to crack.
Also, if you use a secure password for your computer, you are essentially using two layers of password protection (computer profile password plus MM encrypted vault password).
For more security suggestions, please check this article: https://metamask.zendesk.com/hc/en-us/articles/360015489591-Basic-Safety-and-Security-Tips-for-Metamask
Yeah, I think a common misconception is that people believe the secret recovery phrase (seed phrase) is something that unlocks MetaMask, but in reality, the seed phrase is the keys to your accounts at the blockchain level. Even if we add a 2FA option, anyone with your seed phrase can still access your funds. MetaMask is just software for interacting with the blockchain, we don’t control your account and aren’t a custodian of your funds.
There is a new overlay hack on Sites like Uniswap, Pancakeswap etc… They are waiting for u to connect wallet, it mimics n logs seeds… How idk, but it’s happening, then make a swap n baam everything cross cains on Metamask Wallets Gone.
The Coin Creators and Contract designers need to create Revoke, Reverse and Take back policies! Thos one way Gone is BS, I’m beginning to believe The Creators of Coins are the ones responsible behind many of the Hacks as I spoke to Vitalik n It was simply sorry dude, join a mining pool lmfao! Coinfirm promises to help recover Funds, they will only recognize you if u got money.
This overlay hackers very very real!
BEWARE OF SITES “CONNECT WALLET” pay attention to connection!