Two-factor authentication (2FA) is nothing new to people who have been in the technology field for a while. In the last article in this series, I explained in depth what 2FA is and how it benefits you.
I also explained YubiKey in detail, which makes 2FA more secure by using a hardware (physical) device.
However, right now the most practical way of setting up 2FA is by using a mobile authenticator app called Google Authenticator. This is an official app by Google. It was earlier widely used for securing Gmail accounts, and now most of us are using the same technology to secure our accounts on exchanges.
In this tutorial, I will explain in depth about:
- What is the Google authenticator app
- How to set up 2FA using Google authenticator app (Taking example from Binance)
- What happens to 2FA if you lose access to your phone
- How to ensure maximum security when setting up 2FA
And a few more tips to help you get started with Google Authenticator and 2FA.
Getting started with Google Authenticator for 2FA security
Google Authenticator remains one of the most efficient and fastest methods to set up two-factor authentication on your cryptocurrency trading/exchange accounts. It is a free app and is readily available on both Google Play and the App Store.
The very first thing you should do is download the Google Authenticator app from the app store for your mobile phone. Now, make a list of websites for which you want to enable 2FA.
My recommendation is to start by securing your most important asset and that is your email account. Here are a few suggestions for you:
- Set up 2FA for your Google account
- Set up 2FA for your cryptocurrency exchange account (Binance, Bittrex, Bitfinex, Gate.io and any other that you are using)
- Securely back up your 2FA key in a secure note-taking app. I use the Dashlane notes feature. You can use any other, or even use pen and paper to take a backup.
Alright, let’s move ahead and set up 2FA for your account.
Steps to set up Google Authenticator to enable 2FA:
Here is how you can set it up if you are looking for a reliable 2FA partner.
For the purpose of shedding light upon the whole process, I am using Binance as an example to set up the 2FA process. Please note that this is just an example and you can swap out the Binance exchange for the one that you are using. The procedure involved is quite standard and similar across all exchanges.
1. Go to Binance.com (for example) and log into your exchange account.
2. Enter your email ID and password and click on Login.
3. The website will now ask you to complete a small puzzle by dragging a piece of it through the slider. This is in place to make sure you are a human and not a bot.
4. Once you are on the homepage of the website, hover over the profile icon in the top right panel.
5. Click on Account. This will take you to the account details and settings page of the exchange.
6. If Two Factor Authentication is not enabled on your account, the website will automatically show you a pop-up recommending that you set it up.
7. As you can see, there are two ways in which you can enable 2FA – Google Authentication and SMS Authentication. Choose the type of 2FA that you want to go ahead with.
Note: It is recommended that you stick with Google Authentication for more security.
8. In case you don’t get this pop-up window, you can find the options sitting right on the accounts page in the right-hand panel.
9. Click on the ‘Enable’ option in front of Google Authentication. This will take you to a page that shows the relevant steps to be followed in order to set it up.
10. As you can see, the first step is to download the App on your smartphone. Pick up your smartphone (I feel like I am spoon feeding you now) and go to the Play Store or App Store.
11. Download the Google Authenticator application on your smartphone and launch the app once it’s installed.
12. Click on ‘Begin’ to set up 2FA using Google Authenticator. The app will ask you to Add an Account by either Scanning a barcode or Entering a provided key.
13. To complete this step, go to your Binance account and click on ‘Next Step’.
14. You will now be able to see a QR code along with a key. Scan this QR code through the Google Authenticator app on your smartphone by selecting the option ‘Scan a barcode’. Alternatively, you can even enter the provided key.
15. Once the QR code has been scanned or the key has been approved, you will now be able to see your Binance account added to the list of accounts inside your Google Authenticator app.
16. The 6 digit code that you see is the 2nd factor for authentication that you will use while logging into your exchange account. This code is also dynamic as it keeps changing on a regular basis for increased security.
17. Once this is set up, click on ‘Next Step’ on your Binance Account.
18. The exchange will now ask you to write the 16-digit Key down on a piece of paper. You need to save this key somewhere safe, as it will be useful in case you lose your phone and need to reset the Google Authenticator and set it up on a new phone.
19. Click on ‘Next Step’ again. You will now be on the final page to Enable Google Authenticator. You will need to enter your Key (the one you’ve just saved in the previous step), login password and the 2FA code from the Google Authenticator app to enable Google Authentication.
20. Now every time you log in and enter your email and password, Binance will ask you to enter the Google Authentication code. All you need to do is simply launch the Google Authenticator app on your phone, enter the code that is given there accordingly in the field, and click on Submit.
Importance of Saving your 2FA backup Account Key
Now that you know how to set up Google Authentication, it is crucial to understand the importance of preserving your 2FA backup Key. In almost 90% of cases when setting up 2FA, you will be given the backup key (as we have seen above) and it’s important for you to save it securely. Do not save it on Google Docs or Gmail or any place which can easily be hacked.
When you enable 2FA on your exchange account, you will be provided with a Key. This Key is an extremely important tool in your security arsenal, since it will help you recover your account in case your phone gets lost or stolen.
Make sure that you have a hard copy of this Key stored somewhere safe at all times. Here are some important points to note in this regard:
- Such Keys are in place to improve the security of your account and reduce the probability of identity theft.
- You may not be able to recover your account if you end up losing both your phone and this Key. This means that your whole cryptocurrency portfolio will end up being behind bars for life with no possible access.
- In case your exchange does allow you to raise a ticket with the support team to recover your account, the process is very tedious and may take several days. This means loss of valuable trading opportunities at the least and negative feedback from the support team at the worst.
- If you ever change your phone, using this 2FA backup key, you will be able to move your 2FA to a new phone.
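The following is an added example, not code from this tutorial or from any exchange, showing why the backup Key is enough to move 2FA to a new phone and why it must be stored as carefully as a password: the 6-digit code is computed from the Key and the current time alone. It assumes the exchange uses Google Authenticator's default parameters (RFC 6238 TOTP, HMAC-SHA1, 30-second windows, 6 digits) and that the QR code carries an `otpauth://` key URI; the key, account name and issuer below are constructed sample values.

```python
import base64
import hashlib
import hmac
import struct
from urllib.parse import parse_qs, urlparse

# Constructed sample values, not from any real account.
BACKUP_KEY = "JBSW Y3DP EHPK 3PXP"   # 16-character key as written on paper
QR_URI = ("otpauth://totp/Exchange:alice@example.com"
          "?secret=JBSWY3DPEHPK3PXP&issuer=Exchange")


def secret_from_qr(uri):
    """Extract the shared secret from the text encoded in a setup QR code."""
    parsed = urlparse(uri)
    if parsed.scheme != "otpauth" or parsed.netloc != "totp":
        raise ValueError("not a TOTP key URI")
    return parse_qs(parsed.query)["secret"][0]


def totp(secret_b32, unix_time, step=30, digits=6):
    """RFC 6238 TOTP with HMAC-SHA1 (assumed Google Authenticator defaults)."""
    cleaned = secret_b32.replace(" ", "").upper()
    cleaned += "=" * (-len(cleaned) % 8)          # restore base32 padding
    key = base64.b32decode(cleaned)
    counter = struct.pack(">Q", int(unix_time) // step)   # 30-second window
    mac = hmac.new(key, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                       # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def restore_matches(now):
    """True if a phone set up from the paper key shows the same code as
    the phone that scanned the QR code."""
    old_phone = totp(secret_from_qr(QR_URI), now)
    new_phone = totp(BACKUP_KEY, now)
    return old_phone == new_phone


if __name__ == "__main__":
    import time
    now = time.time()
    print("code now:        ", totp(BACKUP_KEY, now))
    print("code next window:", totp(BACKUP_KEY, now + 30))
    print("restore matches: ", restore_matches(now))
```

Because nothing but the Key and the clock goes into the calculation, anyone who obtains the Key can produce valid codes, which is why it belongs on paper or in an encrypted vault rather than in email or a shared document.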
Conclusion: Setting up 2FA using Google Authenticator App
Writing this tutorial took me more than 3 hours and I believe it’s an important piece for anyone’s online security. It may take only 2-3 times before you get accustomed to using the Authenticator app to log in to your exchange and email accounts, and it will harden your security manifold.
Especially with a lot of new users (not so tech savvy) getting into this crazy crypto frenzy, using 2FA is a must. I will look forward to hearing your experience of setting up the Google Authenticator app for your account. Also, it would be great if you share this tutorial with other friends who are into the crypto world and yet unaware of the risk of getting hacked.
Let me know your experience and thoughts in the comment section below. I will see you in the next article.