B2BX Exchange / Accounts & Security / What is 2-Factor Authentication

What is 2-Factor Authentication

Two-factor authentication (2FA), also known as 2-step verification, is a security layer in addition to your username and password. With 2FA enabled on your account, you will have to provide your password (first “factor”) and your 2FA code (second “factor”) when signing in to your account. 2FA codes are associated with a specific device (such as your phone) or your phone number.

In our exchange, we have 2 different types of 2FA:

  • SMS code
  • Google 2FA

Additionally, we have implemented e-mail OTP code in case you would like to withdraw funds from the exchange. You will not be able to make a withdrawal without a code confirmation sent by registered e-mail.

What is SMS (OTP)?

SMS authentication is linked to a phone number and adds an extra step of entering a random passcode. This is sent to you via SMS when you log in to your account as an added layer of protection and is also called a one time token.

What is Google 2FA Authenticator?

Google 2FA or Two-Factor Authenticator is a software token that implements two-step verification services using the Time-based One-time Password Algorithm (TOTP) and HMAC-based One-time Password Algorithm (HOTP), for authenticating users of mobile applications by Google. It is simply a mobile app which needs to be paired/synced with your account.

Which type of 2-factor authentication should I use?

We recommend using Google Authenticator. SMS can leave customers susceptible to phone number porting attacks. These types of attacks involve an attacker transferring or “porting” a victim’s phone number to a device the attacker controls, effectively taking over the number and associated 2-factor authentication codes.

In the articles below, you will find how to enable 2FA on B2BX exchange

  • Enable Google 2FA
  • Enable SMS 2FA