Today, we're excited to announce that Tarlo now supports two-factor authentication (2FA), adding an essential layer of security to your IPFS storage account. This feature has been one of our most requested additions, and we're proud to deliver enterprise-grade security for all our users.
In a world where data breaches and account takeovers are increasingly common, protecting your decentralized storage has never been more important. With 2FA enabled, even if someone obtains your password, they won't be able to access your IPFS content without your authentication device.
What's New
Tarlo's 2FA implementation includes support for all major authenticator apps (Google Authenticator, Authy, 1Password, Bitwarden), secure backup codes for account recovery, and a streamlined setup process that takes less than two minutes to complete.
Why 2FA Matters for IPFS Storage
When you store content on IPFS through Tarlo, you're trusting us with files that may be critical to your applications, websites, or business operations. Unlike traditional file storage where deleted files might be recoverable, IPFS content that's unpinned can be difficult or impossible to retrieve.
Two-factor authentication protects against the most common attack vectors:
- Password breaches: Even if your password is compromised in a data breach elsewhere, attackers can't access your Tarlo account
- Phishing attacks: Fake login pages can steal passwords, but they can't generate your time-based authentication codes
- Credential stuffing: Automated attacks using leaked password databases are blocked by the 2FA requirement
- Social engineering: Even if someone tricks you into sharing your password, your account remains protected
How to Enable 2FA on Your Tarlo Account
Setting up two-factor authentication on Tarlo is straightforward and takes just a few minutes:
Quick Setup Guide
- Log into your Tarlo account and click the profile icon in the top-right corner
- In the "Two-Factor Authentication" section, click "Enable 2FA"
- Scan the QR code with your authenticator app of choice
- Enter the 6-digit code from your app to verify the setup
- Save your backup codes in a secure location (critical for account recovery)
We support all major authenticator apps including Google Authenticator, Authy, 1Password, Bitwarden, and any other app that implements the TOTP (Time-based One-Time Password) standard.
Backup Codes: Your Security Safety Net
When you enable 2FA, Tarlo generates a set of single-use backup codes. These are crucial for account recovery if you lose access to your authenticator device. Store these codes securely—we recommend printing them and keeping them in a safe place, or storing them in a password manager.
Security Best Practice
Never store your backup codes in the same place as your authenticator app. If you lose your phone, you want to ensure you can still access your account through an alternative method.
IPFS Security: Managed vs Self-Hosted
This 2FA implementation highlights a key advantage of managed IPFS services over self-hosting. When you run your own IPFS node, security becomes entirely your responsibility—and it's more complex than many developers initially realize.
Managed IPFS (Tarlo)
- Enterprise-grade 2FA implementation
- Regular security updates and monitoring
- Professional incident response
- Compliance with security standards
- Account recovery mechanisms
Self-Hosted IPFS
- Manual security configuration required
- You handle all security updates
- Network security entirely your responsibility
- No built-in account protection
- Server access = full content access
Self-hosting IPFS means securing not just your application, but also your servers, network infrastructure, API endpoints, and access controls. One misconfigured firewall rule or unpatched vulnerability can expose your entire content library.
What's Next for Tarlo Security
Two-factor authentication is just the beginning of our security roadmap. We're working on additional features to keep your IPFS content safe:
- API key management: Fine-grained access controls for automated systems
- Audit logging: Complete visibility into account activity and content changes
- Content encryption: Client-side encryption for sensitive files
- Team management: Multi-user accounts with role-based permissions
Enable 2FA Today
Security is not optional in today's digital landscape. Whether you're storing NFT metadata, dApp frontends, or critical business documents on IPFS, protecting your account should be a top priority.
Enabling 2FA on your Tarlo account takes less than five minutes and provides protection that would take significant time and expertise to implement on a self-hosted IPFS setup. It's one of the easiest and most effective security improvements you can make.
For developers who value both security and simplicity, managed IPFS services like Tarlo offer the best of both worlds: enterprise-grade protection with the convenience of a hosted solution.