What's 2FA (Two-factor Authentication) and What Is It Used For

What is Two-factor authentication?

Two-factor authentication (also known as 2FA or 2-Step Verification) is a technology that verifies a user's identity by combining two different components.

With two-factor authentication enabled on your CoinEx account, you have to provide your password (the first “factor”) and your 2FA code (the second “factor”) when signing in. For account security, 2FA is required for login by default after you bind a mobile number or TOTP to your account.

 

Difference between “Typical passwords” and “2FA”

A conventional password is typically a static piece of information, such as a string of characters, an image, or a gesture, which is insecure and easily cracked. 2FA is more complicated and more secure.

 

2FA supported in CoinEx

1. SMS

Your account is verified with a randomly generated verification code sent by SMS. The code is sent instantly, is valid only for a short period of time, and can be used only once before it expires.

 

2. TOTP

The Time-based One-Time Password (TOTP) algorithm combines a secret key with the current timestamp using a cryptographic hash function to generate a one-time password, which usually changes every 30 or 60 seconds. The client and the server must therefore keep their clocks synchronized so that the one-time passwords each side calculates from the time are the same.

TOTP is the most widely used 2FA method. Its codes update every 30 to 60 seconds, and it is comparatively more secure and harder to crack.

(1) Recommended TOTP

CoinEx recommends using Google Authenticator or other offline authenticator apps such as Authenticator.

Google Authenticator: https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2

LastPass Authenticator: https://www.lastpass.com

(We strongly recommend this TOTP app if you are using LastPass to manage your passwords.)

 

(2) What is the secret key of TOTP?

A secret key is a piece of information or a parameter, usually a 16-character string of letters and numbers, that is used to encrypt and decrypt messages.

Take Google Authenticator as an example. When you bind Google Authenticator, you get a 16-character key string. If you lose the device that has Google Authenticator on it, you can download Google Authenticator on another device and re-enter the 16-character key to re-bind, and then log in and use it normally.

CoinEx does not back up the user's secret key. If you forget or lose the secret key, you will not be able to rebind Google Authenticator. For the security of your account and assets, please preserve your secret key in the following recommended ways:

a. Write it down on a piece of paper

b. Take a screenshot and back it up in your cloud storage

c. Record it in your TOTP apps

 

(3) Why is my correct 2FA code “Incorrect”?

The most common cause of "Incorrect Code" errors is that the time in your Google Authenticator app is not synchronized with the time on the server. In this case, make sure that the time displayed in your Google Authenticator app matches the time where you are located.

  • For Android devices:

a. Go to Google Authenticator App [Settings].

b. Tap [Time corrections for codes].

c. Tap [Sync now].

  • For iOS devices:

a. Go to Settings on your iPhone.

b. Select [General] and [Date & Time].

c. Enable [Set Automatically].

d. If it is already enabled, disable it, wait a few seconds and re-enable it.

 

If you lose TOTP without having saved the secret key, try resetting it with the reset tool or submit a ticket for more help. For more instructions, please refer to How to Reset/Change TOTP Authentication.