How to Keep Your Bitcoins Safe With Two-Factor Authentication (2FA)
Have you ever heard of “2FA”, or “two-factor authentication”? Sometimes an online service, like an email or bank account, will ask you to check your phone for a special code to prove it’s really you. This adds another layer of protection to your data — but some 2FA methods are much safer than others. Read on to find out more, and how to set it up on your accounts.
What Is 2FA and Why Should I Use It?
In the past, online services would send you a login code via SMS, or email you a link, after you typed in your password. Some still do. This provides an extra layer of security if your password happens to fall into the wrong hands.
Recently, online wallets and exchanges such as Coinbase have transitioned their two-factor authentication (2FA) from SMS messages or email to separate mobile apps, such as Google Authenticator or Authy.
This helps users authenticate securely without the risk of “man-in-the-middle” (MITM) attacks. As Bitcoin’s popularity rises, so does the number of new customers on exchanges. However, hackers follow the trend as well.
The idea behind 2FA involves using two elements to log in: something you know, and something you have.
In almost all cases, the former is your regular password. The latter usually has something to do with your phone, as we usually carry it around wherever we happen to be. Given the security breaches in cellular communication, NIST has strongly advised against using SMS messages for 2FA.
2FA Mobile Apps
A good alternative is to use Google Authenticator, which uses a “time-based one-time password” (TOTP). Such a system takes into account the current time and a shared key, only known to your device and the online service, in this case, the exchange.
On the device, a one-time password will be shown — which changes every 20-60 seconds. Entering the password shown on the device into the exchange’s login screen, along with the regular credentials, will allow the user access to the service.
This method isn’t vulnerable to MITM attacks because there is no message shared between the two parties. Actually, the device doesn’t even need to be online at all.
This would be great, but if you lose or break the device with the Google Authenticator app on it, you’re in trouble. More on that in Step 3 below.
How to Set up Google Authenticator for Coinbase
Note: these instructions are for Coinbase accounts, but you can use Google Authenticator on any service that supports it.
- Log in to your Coinbase profile in a web browser.
- Go to Settings >> Security and click on the Enable Authenticator button.
- You will be shown the Authenticator Secret Code in plain text, as well as a QR code. Write this secret code down and keep it safe, because if you lose your phone but still have the secret code, you can regain access to your account.
- Download and open Google Authenticator on your Android or iOS device.
- Scan the QR code by tapping the + sign at the top right corner and then selecting Scan Barcode.
- You’ll now see a new entry added to the Google Authenticator list with a code.
- Back in the browser, type that code in the 2FA text box and submit it.
- You’re done! Coinbase will ask whether you’d like to be asked for the 2FA code when sending funds out of your account, or just when logging in. Select an option and hit Save.
Was that guide useful to you? What would you like to see next? Please let us know in the comments.
Images via Coinbase, Google, Defense.gov