How to Improve My Account Security

Security matters when it comes to cryptocurrency. CoinEx is dedicated to providing users with safe, convenient, and stable cryptocurrency services. While we are building infrastructure, your awareness of security protection is also required to prevent potential security risks.


🛠 Enhance Account Safety with 9 Powerful Tips on Security

1. Use a secure and unique Email address to register on CoinEx

Email address is crucial to your CoinEx account. Using a secure and unique Email address to register in CoinEx will greatly reduce the risk of Credential Stuffing Attack caused by the leakage of Email information from other websites. In addition, please keep all Email-related security information properly, make sure your Email access ONLY to yourself, and check the Email security settings regularly.


2. Set a strong password and change it regularly

Set a separate, random password for your CoinEx account and change it regularly.

Please keep your account password ONLY to yourself. For password management, you can use the specific Password Manager Application to keep them organized, such as LastPass or KeepPass.


3. Enable 2-Factor Authentication for your account

2-Factor Authentication (2FA) is a secure password verification method that can be used for login, trading, adding API keys, and changing account security settings. It requires a secondary verification code in addition to a login password or any other security-related modifications.

The most commonly used 2FA algorithm is TOTP, a Time-based One-Time Password, which computes a one-time password from a shared secret key and the current time. It is difficult to crack, relatively secure, and updates in 30-60 seconds.

Please be sure to enable 2FA to add extra protection to your account and keep the mnemonic and private key properly.


4. Double check the domain address before login

By imitating CoinEx's domain name or website design, many phishing websites will take advantage of your visual or usage vulnerability, and defraud you of your personal information by misleading you to enter the account and password. Always make sure you're visiting the real site:


5. Keep your account information strictly confidential

Keep all your account-related information ONLY to yourself and do not share it with anyone else. CoinEx staff will NEVER ask for passwords, verification codes, or other confidential account-related information.

You can verify the CoinEx official Email address and Telegram through CoinEx Official Verification Channel. Any latest news about CoinEx, please be subject to the Official Announcement.


6. NEVER click unknown links or download suspicious Email attachments

In most cases, malware will steal account information through malicious links or attachments. Please be careful and double-check if there are any links or attachments sent to your Email from unknown sources. Before clicking, be sure that it comes from CoinEx official.

CoinEx supports users to add a personalized Anti-phishing Code to their accounts to strengthen account security. After the anti-phishing code is enabled, the content of the Email sent by CoinEx will contain the anti-phishing code you set, which can identify whether the received Email is from the official CoinEx website to prevent phishing scams.


7. Upgrade the protection measures of your devices

Enable password or biometric verification for your devices to avoid information leakage caused by device loss. Install anti-virus software for your devices and always keep in mind that do not download any software from unknown sources. Please use a secure and isolated device to access your account for transactions, avoid using public networks (Wi-Fi), and only connect to trusted networks.


8. Ensure API private key safety

If you have activated the API service, please keep your API private key separately and ONLY to yourself.

CoinEx API sets read-only, tradable, and cash-out permissions for the newly-added API key permissions. It has a very important role for it allows access to read and trade through the account. If the API private key has been exposed, there's a high probability that would cause the loss of your assets.


9. Improve your safety awareness

For any information and operation guidelines that cannot be verified from official sources, you need to be vigilant and highly guarded, and keep important account information properly to improve the security of your account.

You can regularly check your account activity, i.e. the login time and IP address. If you notice any suspicious situations, you can log out of all suspicious devices through Login status management or Disable your account immediately. This action will suspend all transactions and withdrawals, delete all API keys, and remove all devices that gain access to the account. If there is an abnormal situation in your account, please submit a ticket to report to us and we will deal with it as soon as possible.