There are a few reasons given why Steem doesn't need two factor authentication.
https://steemit.com/steemit/@steemnews/two-factor-authentication-for-steemit-2fa
https://steemit.com/security/@v4vapid/2-factor-authentication-is-it-enough
The main reason is because of Steem's private key system (posting, active, owner, memo) combined with the fact that it takes 13 weeks to cash out Steem Power. Indeed, this does make Steem more secure than every other cryptocurrency, but it's still a ridiculous excuse for not making Steem even more secure with the traditional measures that all other companies are using these days.
Yes, it's been shown that your SMS text message can be hacked and forwarded, therefore making two factor authorization worthless. However, the difficulty of doing so is extremely high. Most hackers would simply move onto the next hack rather than hack your phone.
Even if two factor authorization was smoke and mirror security like we see at the airport it would still be worth implementing simply because the general public does not trust cryptocurrency. It would put their minds at ease and instantly bring in huge investors to the platform.
Even I am guilty of not trusting cryptocurrency. I trust my coinbase account because it's insured and I trust Steem because all my coins are vested. Moving on to other currencies seems very risky to me.
I really don't see what the big deal is how complicated could it really be to give the community this option?
Hey I gave you a follow. Think you have a great content. Steem needs more authors like you :) Cheers.
Btw, love this article --> https://steemit.com/steemit/@edicted/steem-power-need-for-logarithmic-soft-caps-explained Totally agree
The infrastructure is already present. 2FA service providers would just have to be added as required authorities on the user's account. If there's a market for it we could see several competing providers with different models.
Ideally proposed transactions would make this even cleaner: https://github.com/steemit/steem/issues/318
Two Factor is NOT smoke and mirrors, albeit, by phone/sms it possibly is.
But you have Airbitz/Edge, BitID, etc that need no password and are designed for blockchain/decentralised and regular logins. We already see its use with Bitshares/OpenLedger as a password-less login method impossible to directly hack.
Im all up for it ! :)
This is a solid idea, no reason not to implement it as most places make it an option, not a requirement
2factor authentication in most necessary but stressful
Nice one