Security matters when it comes to cryptocurrency. CoinEx is dedicated to providing safe, convenient, and stable cryptocurrency services for users around the globe. While we are building infrastructure, your awareness of security protection is also required to prevent potential security risks.
Here are some tips you could use to enhance your account security:
Use a secure and unique Email address to register on CoinEx.
Email address is crucial to your CoinEx account. Using a secure and unique Email address to register in CoinEx will greatly reduce the risk of Credential Stuffing Attack caused by the leakage of Email information from other websites.
In addition, please keep all Email-related security information properly, and make sure your Email access ONLY to yourself, and check the Email security settings regularly.
Set a strong password and change it regularly.
Set a separate, random password for your CoinEx account and change it regularly.
Please keep your account password ONLY to yourself. For password management, you can use the specific Password Manager Application to keep them organized, such as LastPass or KeepPass.
Enable 2-Factor Authentication for your account.
2-Factor Authentication (2FA), is a secure password verification method that requires a secondary verification code in addition to a login password or any other security-related modifications.
The most commonly used 2FA algorithm is TOTP, a Time-based One-Time Password, which computes a one-time password from a shared secret key and the current time. It is difficult to crack, relatively secure and updates in 30-60 seconds.
Please be sure to enable 2FA to add extra protection to your account and keep the mnemonic and private key properly.
Keep your account information strictly confidential.
Keep all your account-related information ONLY to yourself and do not share it with anyone else. CoinEx staff will NEVER ask for passwords, verification codes, or other confidential account-related information.
You can verify the CoinEx official Telegram, WeChat, and Email address through the CoinEx Official Verification Channel. Any latest news about CoinEx, please subject to the Official Announcement.
Do NOT click unknown links or download suspicious Email attachments.
In most cases, malware will steal account information through malicious links or attachments. Please be careful and double-check if there are any links or attachments sent to your Email from unknown sources. Before clicking, be sure that it comes from CoinEx official.
CoinEx supports users to add a personalized Anti-phishing Code to their accounts to strengthen account security. After the anti-phishing code is enabled, the content of the Email sent by CoinEx will contain the anti-phishing code you set, which can identify whether the received Email is from the official CoinEx website to prevent phishing scams.
Upgrade the protection measures of your devices.
Enable password or biometric verification for your devices to avoid information leakage caused by device loss. Install anti-virus software for your devices and always keep in mind that do not download any software from unknown sources. In addition, avoid using public networks, only connect to a trusted one. Please use a secure and isolated device to access your account for transactions, avoid using public networks (Wi-Fi), and only connect to trusted networks.
Ensure API private key safety.
If you have activated the API service, please keep your API private key separately and ONLY to yourself.
CoinEx API sets read-only, tradable, and cash-out permissions for the newly-added API key permissions. It has a very important role for it allows access to read and trade through the account. If the API private key has been exposed, there's a high probability that would cause the loss of your assets.
Improve your safety awareness.
For any information and operation guidelines that cannot be verified from official sources, you need to be vigilant and highly guarded, and keep important account information properly to improve the security of your account.
You can regularly check your account activity, i.e. the login time and IP address. If you notice any suspicious situations, you can log out of all suspicious devices through Log in Status Management or disable your account immediately. This action will suspend all transactions and withdrawals, delete all API keys, and remove all devices that gain access to the account. If there is an abnormal situation in your account, please submit a ticket to report to us and we will deal with it as soon as possible.