Why isn't there any 2FA and a IP whitelist security feature on Daedalus?


#1

When I compare the extra security feature on Bittrex / Bitstamp to the Daedalus Wallet, where it is only password protected to send the coins somewhere else, I am a bit concerned.
The password can easily be brute forced, no?

An IP whitelist should also be included in my opinion, with a 2FA feature… just in case.


#2

Keep in mind that Bittrex and Bitstamp are currency exchanges that run on public WWW servers, whereas Daedalus is made to be run privately on your PC. The security requirements are different.

You should compare Daedalus to Mist or Bitcoin Core, not to Bittrex and Bitstamp.


#3

Of course, but a malware installed on my computer is also installed locally, and can therefore see everything and even manipulate data.


#4

That is correct.

Every PC is subject to that kind of risk.

If you suspect your PC has been compromised at that level, you shouldn’t use it for anything, not even for traditional home banking.