Always Put 2FA on Your Exchange Accounts

crystalgeometry (56) · 7 years ago

2FA is a requirement for anyone taking security seriously. You also need to make sure you backup your authenticator secret, so you don't get locked out by your own 2FA if you lose one device. This was very concise and well written.

$7.02

14 votes

geronimo (56) · 7 years ago

very good point. Another thing. If you keep your coins on an exchange, please withdraw it and keep them safe in a cold wallet (or hardware wallet -> trezor.io).

$1.12

taufik82 (45) · 7 years ago

sipp...

$0.00

gold84 (63) · 7 years ago

@crystalgeometry , I totally agree with you on this. @gold84

$0.00

tngflx (61) · 7 years ago (edited)

2fa is not the greatest security around still. It's still hackable. I don't know why you all are agreeing with this. https://www.theverge.com/2017/7/10/15946642/two-factor-authentication-online-security-mess

$0.00

hiroyamagishi (68) · 7 years ago

Recently a lot of attempts trying to to get my information on Phishing... I also suggest what you point on this blog... thanks sharing @kingscrown

$0.61

konelectric (59) · 7 years ago

Well, da.

$0.44

mohammedfelahi (57) · 7 years ago

nice idea

$0.26

sarahs (52) · 7 years ago

yeah ! it is

$0.00

gold84 (63) · 7 years ago

@mohammedfelahi , I agree it is important to add the 2factor authentification. This adds high security to our accounta. @gold84

$0.00

thecryptotrader (63) · 7 years ago

Always! use 2fa.!

$0.19

kunschj (64) · 7 years ago (edited)

I agree, 2FA is a must. I recently started using the Google Authenticator and it's actually easier to use than getting a code by SMS which can be hacked by social engineering access to your mobile phone account. However, I've heard some sites have a security flaw that allows hackers to bypass 2FA by using the password reset page. Someone with your user name and access to your email (many times your user name and email address are one and the same) can log-in to a site by using the password reset feature since many sites don't require 2FA for a password reset, and log you in automatically after you reset the password. Best advice, don't keep coins/fiat on exchanges.

$0.12

6 votes

https://en.wikipedia.org/wiki/Signalling_System_No._7

djrazor (42) · 7 years ago

Another reason to avoid SMS 2FA is due to the well documented flaws in SS7 (Signaling System 7)

Google Authenicator is hands down one of the best apps for 2FA

I also read today that Apple users are being extorted even though they have 2FA setup on their accounts:

http://wccftech.com/apple-icloud-ransomware-campaign/

$1.52

5 votes

surfyogi (65) · 7 years ago

Great pointers, thanks.

$0.00

kunschj (64) · 7 years ago

That Apple story is amazing and another message to website and app designers tht 2FA can't work if you don't require it at all times. Giving access to account maintenance and password changing without 2FA is stupid!

$0.00

cabledglass (25) · 7 years ago (edited)

I work in computer security and have seen a couple of websites which require 2FA on the surface, but do not actually check for the token, or offer a 'remember me' option which bypasses the 2FA. Businesses are more worried about the user experience (usability) than making the applications secure. They miss the point that if you get hacked, people definitely won't be using the website...

$0.00

kunschj (64) · 7 years ago

Yes. A false sense of security or a way to avoid blame when they are hacked. "We had 2FA."

$0.00

leonid20000 (35) · 7 years ago

google authenticator is not a good idea, if you loose your phone you will be in a big troble, use authy instead.

$0.00

vm2904 (64) · 7 years ago

@kingscrown - Thank you for opening my eyes about 2FA. I tried it and was too lazy to use it. You have correctly pointed out that many people will find that extra step to be hard and ignore it. However, after reading your blog, I immediately went and updated 2FA security on all accounts and downloaded the Authy app.

Thanks. Upvoted full

regards

@vm2904

$0.12

surfyogi (65) · 7 years ago

Get your purchase off the exchange seems prudent as well.. even more important.

Looking at exodus.io wallet lately; a universal wallet seems to be the real solution to much of this; should be far more secure than an exchange. And it will substitute for an exchange all together, much of the time ;-)

Trezor is the next step after that.
Just expect to get hacked, I would say...

$0.11

rip-youtube (50) · 7 years ago

Just started using Exodus a few days ago, and I love it. It's functional, and very pleasing on the eyes. A top-notch program.

$0.00

kiwi-simon (27) · 7 years ago

the Pillar wallet is currently being developed - it will be a one stop shop for holding, utilizing and connecting all your crypto. Seriously, check out the Pillar project...
https://pillarproject.io/

$0.00

surfyogi (65) · 7 years ago (edited)

My personal data locker; the last uber-app I'll ever need.
Have to say, this seems very centralized authority driven; lots of talk about EU gov mandates.
Hum, maybe not my cup of tea, since it's still thinking in terms of centralized authority.

$0.00

leonid20000 (35) · 7 years ago

its not good to have all the portfolio in one wallet, single point of failure,

$0.00

surfyogi (65) · 7 years ago

Paper, hardware, software.
On the software side, sure is nice to RECEIVE 10 types of tokens with 1 wallet, and built in exchange means no need for outside exchanges, in many cases.
This in my mind, ads a great deal of security to my life.
It certainly is easier to administrate.

$0.00

oluwoleolaide (68) · 7 years ago

i never even leave my tiny tokens there in the first place, i don't wanna be sniffing with my teeth

$0.10

oldman28 (57) · 7 years ago

Yes that is good advise. Well worth the extra effort to make it safer.

$0.09

kiaazad (59) · 7 years ago

You should be careful though, SMS and call based 2FA can turn into a weak point due to mobile network flaw.
steemit however is safe due to multi level keys and withdraw delay.

$0.06

leonid20000 (35) · 7 years ago

well different keys more precisely rather than multi level, but true about withdrawal delays.

$0.00

themystic (47) · 7 years ago

Yeah, I use 2FA on every email and financial website which supports it. Though going forward U2F would be the norm as it won't be specific to a service provider like Google (i.e. Authenticator app). For U2F you need a USB device which acts as a key and is more safer and concrete solution than 2FA.
One good thing which most people are not aware of is; hardware wallets like Trezor does support U2F and can be used as a key. The most secure way to safeguard any crucial data you have. The only disadvantage I see is you will need to have the physical device always. I have no idea if other wallets like Ledger Nano S supports it. Please check that out if you have it. Cheers!!!

$0.05

taspingo (50) · 7 years ago

b safe.

$0.04

surfyogi (65) · 7 years ago

only 528 votes and 60 views at 37 minutes.

CC you are slacking off here I guess!

$0.04

kingscrown (81) · 7 years ago

ill try to do better :)

$0.00

rajorajiten (69) · 7 years ago

Nice thought.....

$0.02

babitaghale (37) · 7 years ago

Two Factor Authentication is nice for me, as long as I don't lost my mobile devices

@babitaghale

$0.00

leonid20000 (35) · 7 years ago

it would still remain nice if you had authy as the 2FA

$0.00

steveit (46) · 7 years ago

I've always been a fan of 2FA....just don't loose your phone!

$0.00

leonid20000 (35) · 7 years ago

or use authy

$0.00

steemdiffuser (39) · 7 years ago

This post has received a 100.00 % upvote from @steemdiffuser thanks to: @jbbasics. Steem on my friend!

Check Us Out - Join The Steemdiffuser Frontrunners -

$0.00

leonid20000 (35) · 7 years ago

whats this?

$0.00

steemdiffuser (39) · 7 years ago

An upvote service where you can get upvotes for your posts or post you like. @jbbasics liked your post and submitted a bid for your post to get upvoted. Nice work!

$0.00

journeyoflife (67) · 7 years ago

It's better to be safe than sorry

$0.00

deeplizard (37) · 7 years ago

Agreed. And don't procrastinate! Some people do. ;)

$0.00

leonid20000 (35) · 7 years ago

sorrow replenishes the soul some say ahahaha

$0.00

dbdecoy (53) · 7 years ago

Do not use Google Authenticator. If you lose your device's data and you don't have a backup of the Authenticator keys, then you are at the mercy of the account providers to reset your account. Authy is the best app as it keeps your keys online and syncs with other devices.

$0.00

leonid20000 (35) · 7 years ago

very nice point

$0.00

themanualbot (70) · 7 years ago

Though sometimes it is annoying to have 2FA, its better to have it than sorry.

$0.00

alirazaamjad (47) · 7 years ago

good point. Something else. On the off chance that you keep your coins on a trade, please pull back it and guard them in an icy wallet (or equipment wallet - > trezor.io).

$0.00

beccadeals (54) · 7 years ago

Very good information, nicely presented. Don’t leave home without 2FA(so to speak) or in other words don’t do anything without it. More secure is always better. If someone thinks it is a hassle to do, just think how much hassle it would be if someone stole all of your money.

$0.00

etfbitcoin (32) · 7 years ago

Nice info since i've seen many people lazy to add 2FA and then they regret their decision when their account is hacked.
But it's even better not to put your coins in exchange unless you're trader.

$0.00

a12kcm5518 (25) · 7 years ago

solamente mis amigos hay que seguir los pasos para tener mas seguridad en su información

$0.00

akshaymukadam (38) · 7 years ago

Great thing your are talking about its very important in exchange website to set 2FA.
Google authenticator is awesome to use its really great app everyone need to use it.
If you set 2FA in any website you will get 100% Security in payment transactions.
Great thanks to @kingcrown for writing pos
post on 2FA.

$0.00

leonid20000 (35) · 7 years ago

in fact google authenticator does not deserve that much of credit since if you loose the phone there is no way to recover, unless u are only using it for google signin 2FA

$0.00

eternalsunshine (51) · 7 years ago

Good to know.

$0.00

adokhai (37) · 7 years ago

thanks for the information i was hacked before i started using 2 FA even after that a lot failed attempt have also made on my account

$0.00

munawar1235 (67) · 7 years ago

Great post @kingscrown. 2FA is best way to avoid phishing attacks.

$0.00

cabledglass (25) · 7 years ago

Depends on the type of attack, teaching yourself about all types of attacks and how to spot them is also a very good way of avoiding attacks.

$0.00

tristan1 (38) · 7 years ago

I whole heartly agree

$0.00

cyncarlton (50) · 7 years ago (edited)

It will be great to see Steemit make that leap with 2FA or 3FA. Thanks @kingscrown!

$0.00

deeplizard (37) · 7 years ago (edited)

Once set up, it's easier to use than the text message. Love the just do it video.
https://steemit.com/crypto/@deeplizard/gdax-login-using-google-authenticator

$0.00

rabeel (71) · 7 years ago (edited)

@kingscrown, you done a lot for steemians. 2FA is wonderful creation and you r saying right that every member should use it, i will follow your advise. thanks a lot for sharing that information.
Resteem & upvote

$0.00

drakos (70) · 7 years ago

I use WinAuth for Windows, with the data stored on a VeraCrypt partition :)

$0.00

eternalsunshine (51) · 7 years ago

What if you lose your Windows one day on the street ? No I am kidding.

$0.00

drakos (70) · 7 years ago

It's called backups (something I repeated a million times in my posts) 😄

$0.00

j4y (45) · 7 years ago

What would it take to have someone add two factor authentication for steemit.com?

$0.00

eliel (65) · 7 years ago

I have an account in some exchange, and there was always a login email in other countries, my luck is that I had nothing in the exchanges, after that I activated security in 2 steps in everything I use.

$0.00

themarkymark (78) · 7 years ago

Not only exchange accounts, anything critical should be using 2FA and cell phone text messages is a very poor second factor. Unfortunately, this is commonly used but is easy to get around using social engineering.

$0.00

ace108 (76) · 7 years ago

I wish steemit has 2FA. Without it, it is like 2nd class

$0.00

minnowsupport (70) · 7 years ago

This post received a 20% vote by @minnowsupport courtesy of @charmer from the Minnow Support Project ( @minnowsupport ). Join us in Discord.

Upvoting this comment will help support @minnowsupport.

$0.00

glenhubbardjr (35) · 7 years ago

2FA is an absolute MUST for EVERYTHING these days!

$0.00

stranniksenya (61) · 7 years ago

Nice post, resteem

$0.00

nikitinskiy (57) · 7 years ago

wow! nice!!!

$0.00

lexicaldevil (25) · 7 years ago

I would add, keep an eye on your settings as well. I got burned once on an old email account that I didn't use because my backup email was set to a retired Hotmail account. Problem was, the old Yahoo account in question was my backup account for other accounts. Things would have been a lot worse without 2FA on all of my important accounts. The guy would have been able to follow that trail upstream all the way to the bank. Make sure those backup email addresses are monitored and keep an eye on the logs.

$0.00

zafarynl (54) · 7 years ago

very useful security post. thanks for sharing.

$0.00

ykseun (33) · 7 years ago

Great idea

$0.00

rahulsaini (57) · 7 years ago

You said well....good info thanks

$0.00

arrkiin (36) · 7 years ago

I completely agree with you @kingscrown. 2fa is a duty for everyone using services in the web. Especially if there is money in place. Cheers.

$0.00

dlina-v-metrah (57) · 7 years ago

I set up 2FA on all exchanges. But recently on Стеемит has read through, that also this protection can crack: (

$0.00

walidsalah (57) · 7 years ago

bitcoin blockchain cryptocurrency money security
Best tag for the Great Post

$0.00

mattjack (51) · 7 years ago

Totally agree had my minergate account hacked before i started using google authenticator luckily withdrew most of funds night before.
Only problem i had so far with google authenticator was due to my own carelesness I didn't back up the code and recently dropped my phone in the bath resulting in being locked out of my accounts for 4 weeks untill i replaced the display. Installing a program like vysor which enables to display the phone screen on pc before would have saved my a lot of agro and lost time.

$0.00

avd (33) · 7 years ago

Totally agree, 2fa is necessary. I was faced with hacking attempts on my account on the exchange and not only. It's quite unpleasant.

$0.00

nationall (55) · 7 years ago

Thank you I am following you, I hope you will also follow up vote me this honor to me

$0.00

leonid20000 (35) · 7 years ago

what does your comment even mean? go get a real job.

$0.00

realestatecoach (54) · 7 years ago

Agree. Once you are using it then it is so simple. People need to remember how hard they worked to earn their money as a reminder to take a little step to protect it so they do not miss out.

$0.00

mostapha15 (34) · 7 years ago

Good idea .thx for shareing it with us.

$0.00

dalaidennis (36) · 7 years ago

If you put the Authenticator on a single phone and somehow you lose it/it get's stolen/broken do you lose access to your account?

$0.00

soonmoon2020 (29) · 7 years ago

Yes, people need to be careful these days!

$0.00

cryptiamo (25) · 7 years ago

Although 2AF secure method isn't absolutely secure at 100%, at this moment is one of the most efficient form of security to protect our cryptocurrencies. I think it's not so difficult because the concept of the Authenticator isn't so different compared to token key used in Home Banking actions...

$0.00

altcoin-tr (25) · 7 years ago

the stock market should not exceed 1 BTC. pull and store in the ledger nano s (or hardware wallet).

$0.00

blazing (70) · 7 years ago

i always use this its very important anyways thanks for the useful post and video along with it :)

$0.00

cryptoaddict (55) · 7 years ago

Don't hold your coins on an Exchange! Keep them in a hardware wallet.

$0.00

playfulfoodie (68) · 7 years ago

I don't like using 2FA for convenience reasons, but I'm definitely using it for my important accounts. Anything finance-related definitely needs that 2FA turned on!

$0.00

cryptotim (13) · 7 years ago

it's a pain in the ass, but it's necessary.

$0.00

nursejamie (43) · 7 years ago

Thanks for posting. I am new to crypto. Steem popped my cherry! I am learning slowly but surely. Just figured out today what key I'm supposed to be using to log in.

Followed and upvoted to keep on top of the crypto happenings.

$0.00

steemitboard (66) · 7 years ago

Congratulations @kingscrown! You have completed some achievement on Steemit and have been rewarded with new badge(s) :

Award for the number of upvotes

Click on any badge to view your own Board of Honor on SteemitBoard.
For more information about SteemitBoard, click here

If you no longer want to receive notifications, reply to this comment with the word STOP

By upvoting this notification, you can help all Steemit users. Learn how here!

$0.00

litovets (25) · 7 years ago

Google Authenticator not always is a good idea. If your device will breaks down then it will be a big problem. Replacement of GA is GAuth add-on for Chrome.

$0.00

johnycrypto (60) · 7 years ago

Easy to setup and a BIG difference in the account security!
Thanks for helping the community

$0.00

khaleelkazi (75) · 7 years ago

2FA is key right now. I'm waiting for the day when things like Trezors are used for 2FA throughout any platform (there is a short-list of applications that currently allow for Trezor integration).

Especially in terms of crypto exchanges - why big exchanges like Polo, Coinbase and Bittrex haven't added hardware integration is beyond me.

$0.00

tonimarco (47) · 7 years ago

Its very important a password manager i recomend keepass:

$0.00

steemitboard (66) · 7 years ago

Congratulations @kingscrown! You have completed some achievement on Steemit and have been rewarded with new badge(s) :

Your post was the most upvoted on one day

Click on any badge to view your own Board of Honor on SteemitBoard.
For more information about SteemitBoard, click here

If you no longer want to receive notifications, reply to this comment with the word STOP

By upvoting this notification, you can help all Steemit users. Learn how here!

$0.00

yooraa (49) · 7 years ago

I like your posting .post is good. i want to be like you are a lot of fans. and i need your support in achieving the ideals in order to become a good artist. i need support from you.

$0.00

leonid20000 (35) · 7 years ago

what u need is a real job.

$0.00

onlyvoluntary (60) · 7 years ago

i did 2fa and it was a nightmare :/lulz

$0.00

vinicivs (25) · 7 years ago

Thank's dude! It's a perfect post to my 1st Steemit comment!

$0.00

leonid20000 (35) · 7 years ago

how about dont keep them in exchanges?

$0.00

zayushz (47) · 7 years ago

nice information dear...
as the technology is upgrading the hackers are also changing their methods but thanks to F2F security

$0.00

arcange (73) · 7 years ago

Congratulations @kingscrown!
Your post was mentioned in the hit parade in the following categories:

Upvotes - Ranked 3 with 729 upvotes
Pending payout - Ranked 7 with $ 175,12

$0.00

valer7 (34) · 7 years ago

I cannot believe the people holding a large volume on an exchange with no 2FA, just seems super risky, and really it only takes a few minuets to move most crypto. I hope people start being more careful with their money.

$0.00

photo-moment (50) · 7 years ago

Thanks for this post. We need more security in crypto world. Everybody think they are safe until one day they lose their money. Better to have one more small step than lose money.

$0.00

geckothailand (51) · 7 years ago

I wouldn't mind if it were being 3 Factor Authentication. Security is important and with Rising technology, you can't protect yourself enough from thieves and criminals.

$0.00

wodahs (25) · 7 years ago

I am using for all my accounts and 2FA. I recommend to to using it.

$0.00

ronsbtusandbits (32) · 7 years ago

Hi folks, Yes we all need to work toward being safer with the cryptos and computers, phones, etc. 2FA is definitely a good thing.

$0.00

bitgeek (62) · 7 years ago

Congratulations @kingscrown, this post is the most rewarded post (based on pending payouts) in the last 12 hours written by a Hero account holder (accounts that hold between 10 and 100 Mega Vests). The total number of posts by Hero account holders during this period was 185 and the total pending payments to posts in this category was $2805.58. To see the full list of highest paid posts across all accounts categories, click here.

If you do not wish to receive these messages in future, please reply stop to this comment.

$0.00

nationall (55) · 7 years ago

Thank you I am following you, I hope you will also follow up vote me this honor to me

$0.00

cryptonia (60) · 7 years ago

Follow=Follow + 5 upvotes
Please follow me and say hello in the comment, in response I will follow you back and give you 5 upvotes. win win.

Deal is a Deal.

$0.00

rahulsharmaitm (37) · 7 years ago

followed you

$0.00