Two-factor authentication (2FA) adds an additional layer of protection beyond passwords to your web2 and web3 accounts. Wallet OTP is a free and completely open sourced public good that protects all your accounts by encrypting your 2FA secrets with your Wallet's public key before storing on decentralized storage. When you need 2FA, Wallet OTP generates new dynamic 6 digit OTPs (one time passwords) every 30 seconds for each of your accounts. That way, you and only you can use Wallet OTP to authenticate and log in to accounts across the web.
This hack is awesome because it has all the power of Authy, Google Authenticator, or the auth app you already use with extra perks:
- Privacy and security: Wallet OTP encrypts your 2FA secret keys with your wallet's public key for maximum security. This means your 2FA keys are as safe as your crypto. Here's a Wallet OTP encrypted 2FA record stored by "address":"0x61c4eF50cC from Wallet OTP. Notice how all fields (service, account, secret, plus corresponding symmetric keys for each field) are encrypted by Lit Protocol before being stored on Polybase decentralized storage. Even though the records are stored in public, no one can decrypt and view them except the person with signing capabilities for the 0x61c4eF50cC... address.
- Free access from any device: Wallet OTP is intentionally device agnostic and designed for multi-device use - you can access the Wallet OTP app on any device simply by connecting your wallet
- Data availability: Wallet OTP stores encrypted data on distributed, decentralized storage. With distributed, decentralized storage there's no way a Google or Twilio intern can accidentally drop the only table your encrypted keys live in, and no chance your encrypted keys are lost.