PGP 2FA is your best protection against phishing. Even if you accidentally enter credentials on a fake site, attackers can't complete login without your private key.
How PGP 2FA Works
You enter your username and password
Market encrypts a code with YOUR public key
You decrypt the code with your PRIVATE key
Enter the decrypted code to complete login
Prerequisites
- ✅ Catharsis Market account
- ✅ PGP key pair (public + private key)
- ✅ GPG software to decrypt messages
Don't have a PGP key? Follow our PGP Guide first.
Step-by-Step Setup
Step 1: Log in to Catharsis
Access the market using a verified mirror link and log in with your credentials.
Step 2: Navigate to Security Settings
Go to Account → Settings → Security or Account → 2FA
Step 3: Enter Your Public Key
Paste your complete public key including headers:
-----BEGIN PGP PUBLIC KEY BLOCK-----
[Your public key content here]
-----END PGP PUBLIC KEY BLOCK-----Step 4: Verify Ownership
The market will display an encrypted message. Decrypt it to get the verification code:
# Save the encrypted message to a file
# Then decrypt:
gpg --decrypt message.ascStep 5: Enter Verification Code
Enter the decrypted code in the verification field. Click Submit.
✓ 2FA Enabled!
From now on, every login will require you to decrypt a challenge code. Your account is now protected against phishing attacks.
Logging In with 2FA
- Enter username and password as normal
- You'll see a PGP-encrypted message on screen
- Copy the entire encrypted block
- Decrypt it with your GPG software
- Enter the decrypted code
- Access granted!
Troubleshooting
If you lose your private key, you lose access to your account. Store encrypted backups in multiple secure locations.