2-factor-authentication (2FA or MFA)

I’m a bit concerned about security by only having the keychain-phrase as security for my account with all the private notes. Once somebody saw my phrase or the QR-code the other person would have access to everything. Especially if Anytype will become an “Operating System”.
Therefore I would like to have the possibility to add a second layer of security with TOTP or/and FIDO2. I think that this is a must-have-feature.
And till this is implemented some sort of notification would be nice to get if someone entered the sync-chain.

14 Likes

Absolute common sense.

Even if 2FA with an additional password is too technically complicated to implement with Anytype’s current architecture, a notification and an option to manually approve/kick devices off the sync chain is an absolute must for the near future. This could work in a similar fashion to how Syncthing, a file synchronization application works, where every device must be manually approved in order for it to start receiving data.

After all, the same basic cryptography that protects our Anytype accounts is the same ones that is protecting hundreds of millions of dollars worth of cryptocurrency.

7 Likes

I would also be hesitant to store certain kinds of information in anytype without MFA.

1 Like