ACCOUNT SECURITY OF THE CRYPTOCURRENCY EXCHANGE: BEGINNERS FRIENDLY GUIDE

We have prepared a crypto exchange account security guide for traders. We tell you how to protect yourself from hackers without buying a hardware key and other difficulties. Read the article (about 20 minutes), follow the tips and secure your account on the exchange from scammers.
The guide has been prepared by the CScalp terminal team. You can get CScalp by leaving your e-mail in the form below.
By clicking the 'Get for Free' button, you agree to the 'Privacy Policy'

How to work with passwords

Password is the basis of a trader's cybersecurity. You must learn how to manage your passwords not only securely, but also conveniently. If it takes a long time to find and enter a password, user automatically starts saving time at the expense of security.

The purpose of this guide is to help traders build their work with accesses not only reliably, but also conveniently.

Password strength

Let's start with a simple advice - use long and complex passwords.

The longer the password, the better it is. If you store passwords correctly, then it makes no difference to you how long the password is. Therefore, make it longer than 8 characters.

Your passwords must contain both case letters (for example, n and N), numbers, and special characters. Passwords like "12344321" and "iloveyou" are bad passwords.

It’s good if the password is randomly generated. Password managers have a special feature for this - a password generator. A password generated by a password generator is stronger than a human-generated password. Even if they are the same length.

The longer, more complex and random the password, the more problematic it is to crack it by brute force.

One Time Password

One password can only be used once. It couldn’t be used twice.

It often happens like this: a trader remembers one password and uses it everywhere. This is a mistake. If one account is hacked, then all your accounts will be at risk.

Passwords and browser

It is impossible to remember a large number of unique and complex passwords. What to do? Many users store accesses in browsers (for example, in Google Chrome). This is more convenient than storing "in the head" or Excel, but not safe.

The browser's built-in storage is the first place for hackers. And in most cases, hackers will get there without any problems. Therefore, we do not recommend storing passwords in the browser.

Password manager

An alternative to storing passwords in memory, Excel or the browser is a password manager. This is an application for storing logins and passwords and secure authorization. The manager “can” not only store, but also insert passwords directly into the authorization form.

Password manager companies use the most advanced encryption technologies and invest huge sums in security. This provides convenience and a level of security that is far superior to “writing the password in Excel”.

It takes time to get used to the password manager. But it's worth it. After implementation, you will need to remember only one password - the password from the password manager.

Tips for choosing and using a password manager:
Cloud storage
Choose a manager that stores passwords in the cloud.
This is convenient, you will have access to your passwords from different devices. If you lose access to your computer or phone, your passwords will be saved. With cloud storage, it will be easier to transfer to a new device.
Manager Security Priority
The password manager is the password for all passwords. Its safety is a priority. Use a complex and unique password for the manager, use a master password, enable two-factor authentication (2FA), and log into the manager only from trusted devices. Logging into the password manager from someone else's device is not a good idea.
Additional features
Password managers have useful built-in features: auto-generate passwords, check hacked accounts, secure notes, and more. Use additional functions - it is convenient and increases security.
Advices
The password manager will give you security tips. For example, if you use a password that the manager considers untrustworthy, then he will inform you about it. Listen to his advice and follow the recommendations.

Account checking

The services you use can be hacked. Nobody is secure from this. Sometimes hackers publish or sell user databases - logins and passwords. To protect yourself, you need to regularly monitor the DarkNet (dark web) and check your accounts for leaks.

You can check the data through the leak aggregator: you enter your e-mail or login in the search box, the service displays the results of the check. However, not all leak aggregators are safe. Some of them are targeted at phishing.

It is convenient and safe to check accounts for leaks through a password manager. Enter your e-mail and configure the password manager to track it. If the manager detects a threat, it will immediately notify you.

Password updates

According to the rules of the "old school", it is believed that the regular change of passwords increases cybersecurity. With the manager, changing passwords is easy - you can do it in a couple of clicks.

However, many companies and cybersecurity experts consider changing passwords to be outdated. For example, Microsoft has abandoned the practice of regularly changing passwords in Windows.

Two-Factor Authentication

Two-Factor Authentication or 2FA - is an account login with two types of confirmation of account ownership. Usually, the first is a login and password, and the second is a special code that is sent via SMS, e-mail or a special application.

For example, you log into your account on the exchange, enter your username and password. Then you will receive a verification code on your phone. You enter the code and only after that you can get into the account.

In order to enter an account, you need two conditions - to know the login/password and have access, for example, to SMS (depending on the authentication method). A variant with three conditions also could be used.

2FA advice - always use two-factor authentication! If you enable 2FA, then it will be ten times more difficult for a hacker to get into your account. Strong argument, right?

2FA variants

There are different options for two-factor authentication. The most common are 2FA via SMS, e-mail and a special application, such as Google Authenticator.

The opinion of the authors is that 2FA through specialized services is more reliable than through e-mail or SMS. There are known cases of hacking the databases of mobile operators and mail services, and fraudsters using fake documents can gain control over the SIM card. Doing this with 2FA applications is much more difficult. Therefore, if you can choose, then choose the option with 2FA through the application.

2FA services

Below we have prepared a brief description of 2FA services that are used to protect accounts on popular cryptocurrency exchanges.

Google Authenticator

Majority of cryptocurrency exchanges support two-factor authentication through Google Authenticator (GA). This is a simple and convenient application that does not require creating an account and any settings. It is enough to install GA and connect it to your account. The data is stored only on the user's device. Google Authenticator is available on iOS, Android and BlackBerry OS.

Exchangex: Binance, FTX, Bybit, OKX, EXMO, Bitfinex, BitMEX.

Authy

To use Authy, you need to create an account linked to a phone number. The application stores user data on a cloud server, so access them from any of the connected devices. Authy supports macOS, Windows, iOS, Android, and Chrome.

Exchanes: FTX, BitMEX.

Binance Authenticator

Binance Authenticator is Binance's own application. User data is stored in the cloud, so you need to create an account to use the application. Binance Authenticator is used to complete two-factor authentication on Binance only.

Backup

When you enable app authentication, the service generates a secret key. Based on this key, one-time codes for logging into your account are created. The secret key may look like a set of characters or a QR code. Keep the key in a safe place in case you lose your device. For example, write it down on your paper sheet.

Popular authenticator apps, with the exception of Google Authenticator, offer to store your secret key in the cloud and automatically sync password storage with devices. To do this you need to create an account linked to a phone or e-mail.

Another way to store the secret key is in a password manager, in secure notes. You can also write down the key on paper or print it (if it is a QR code). If you choose the second option, consider the risks associated with storing a "paper" version of the key.

Device security

The security of your accounts also depends on the security of the device you are using. Let's analyze the security rules of the device: computer, tablet, smartphone.

Regular updates

Regularly update your OS (Windows, macOS, iOS, etc.) and the applications you use, such as the exchange app. Almost every update contains patches for discovered vulnerabilities. If you do not update, then a situation is possible when the vulnerability has already been discovered and is known to everyone, but you still have it "open".

Antivirus

Use a licensed antivirus downloaded from the official website of the developer. If you have downloaded and installed a pirated version of the antivirus, do not count on reliability and security. The antivirus must have an updated database. It also needs to be updated regularly.

VPN

When you work through an unfamiliar network, use a VPN. This is a secure, encrypted connection that allows you to keep your data private and bypass local restrictions. If you're going to be using a VPN all the time, set it up carefully to keep it secure.

Exchange account security

Separate e-mail

Register an account on a cryptocurrency exchange using an e-mail that you do not use anywhere else. If you have ten accounts on the exchange, register ten email addresses.

Important! Mail also needs to be protected by 2FA.

Anti-phishing

Phishing is a way for fraudsters to obtain user data (logins and passwords). Phishing could be done in a variety of ways. For example, hackers can host an email campaign on behalf of Binance. The letter contains a link to a fake site that cannot be visually distinguished from the real Binance site. If you enter your username and password on such a site, they will fall into the hands of scammers.

Some cryptocurrency exchanges have an anti-phishing feature in order to fight scam. In your account security settings, you can set a code that the exchange will use to sign all your emails. It looks like this:
Crypto exchange, Accounts security on the crypto exchange,Password strength, One Time password, OTP, Passwords and browser, Password manager, Accounts checking, Password updates, Two-factor authentication, 2FA variants, 2FA services, Google Authenticator, Authy, Binance Authenticator, Backup, Device Security, Regular Updates, Antivirus, VPN, Exchange account security, Separate e-mail, Anti-phishing, Master Password, WhiteList, Separate device, API keys, IP restriction, Cryptocurrency Security Instructions, Binance, FTX, Bybit, OKX, EXMO, BitMEX, Bitfinex, Binance security, FTX security, Bybit security, OKX security, EXMO security, BitMEX security, Bitfinex security, Exchange security, how to protect my account, how to protect my exchange account, how to create good password
There is a code - the letter is real. If you receive a letter without a code, beware.

Master password

Some exchanges allow you to set master passwords.

The master password is an additional password for individual actions. For example, you can log into your account using the usual login / password combination, and in order to withdraw assets, you also need to know the master password.

Be sure to use master passwords if you store significant amounts on the exchange.

WhiteList

The white list allows you to set addresses that proceeds withdraw with minimal checks. Add your addresses to this list and making transactions with these addresses will become faster and more convenient.

Separate device

It’s amazing, If you use a separate device for trading on a cryptocurrency exchange that you don’t use for internet surfing.

If you do not need a large monitor for trading (you are not actively trading), then make trades from your phone through the exchange application. Do not use other devices to log into the exchange account.

It should be understood that different devices have different levels of security. It is believed that due to its architecture, the iPhone is more secure from viruses and hacks than a Windows PC.

API keys

API keys are an analogue of the login (Api Key) and password (Api Secret). They are needed to connect a third-party application to an exchange account.

API keys have customization options. For example, you can configure the keys that can only receive exchange information ("read only" keys), and transactions will be prohibited.
Example #1: A trader wants to trade on a cryptocurrency exchange through a trading terminal, such as CScalp. To do this, he creates API keys on the exchange with permission to trade and enters them in the terminal. CScalp connects to the exchange, you can trade.
Example #2: To track and analyze trades, a trader connects a special service to the trading account, for example, Free trader's diaries. To do this, it is enough for him to create “Read Only” API keys. He enters the keys in the diary, data on transactions begin to arrive.

One API – one connection

Use a separate API keyring for each service. For example, one pair for CScalp, another for a trader's diary, etc. Delete keys that you no longer need. Access to the account on them will immediately disappear.

IP restriction

You can set an IP limit in the API Key settings by whitelisting trusted IP addresses. After that, it will be possible to connect to the trading account through the keys only from the IP specified by you.

This setting is recommended if you have a static (permanent) IP address. Also, IP can be dynamic, that is, change. You can find out the IP type and connect a static IP address from your ISP.

Cryptocurrency Security Instructions

Binance

Log in to Binance and click on the user icon in the top menu. A side menu will be opened: here you can set up two-factor authentication at “Security” and API keys at “API Management”.
Crypto exchange, Accounts security on the crypto exchange,Password strength, One Time password, OTP, Passwords and browser, Password manager, Accounts checking, Password updates, Two-factor authentication, 2FA variants, 2FA services, Google Authenticator, Authy, Binance Authenticator, Backup, Device Security, Regular Updates, Antivirus, VPN, Exchange account security, Separate e-mail, Anti-phishing, Master Password, WhiteList, Separate device, API keys, IP restriction, Cryptocurrency Security Instructions, Binance, FTX, Bybit, OKX, EXMO, BitMEX, Bitfinex, Binance security, FTX security, Bybit security, OKX security, EXMO security, BitMEX security, Bitfinex security, Exchange security, how to protect my account, how to protect my exchange account, how to create good password
Enable two-factor authentication via Binance Authenticator or Google Authenticator. To set up a logging in, you will need to install one of the applications on your phone.
Crypto exchange, Accounts security on the crypto exchange,Password strength, One Time password, OTP, Passwords and browser, Password manager, Accounts checking, Password updates, Two-factor authentication, 2FA variants, 2FA services, Google Authenticator, Authy, Binance Authenticator, Backup, Device Security, Regular Updates, Antivirus, VPN, Exchange account security, Separate e-mail, Anti-phishing, Master Password, WhiteList, Separate device, API keys, IP restriction, Cryptocurrency Security Instructions, Binance, FTX, Bybit, OKX, EXMO, BitMEX, Bitfinex, Binance security, FTX security, Bybit security, OKX security, EXMO security, BitMEX security, Bitfinex security, Exchange security, how to protect my account, how to protect my exchange account, how to create good password
Below, in the “Devices and Activities” section, enter the anti-phishing code. All emails from Binance will be signed with this code.
Crypto exchange, Accounts security on the crypto exchange,Password strength, One Time password, OTP, Passwords and browser, Password manager, Accounts checking, Password updates, Two-factor authentication, 2FA variants, 2FA services, Google Authenticator, Authy, Binance Authenticator, Backup, Device Security, Regular Updates, Antivirus, VPN, Exchange account security, Separate e-mail, Anti-phishing, Master Password, WhiteList, Separate device, API keys, IP restriction, Cryptocurrency Security Instructions, Binance, FTX, Bybit, OKX, EXMO, BitMEX, Bitfinex, Binance security, FTX security, Bybit security, OKX security, EXMO security, BitMEX security, Bitfinex security, Exchange security, how to protect my account, how to protect my exchange account, how to create good password
You can also specify addresses for cryptocurrency withdrawal (white list). Withdrawals can only be made to these addresses. For example, you can set the withdraw only to the address of your cryptocurrency wallet.

In the "API management" section, you can create API keys and create options for them.
Crypto exchange, Accounts security on the crypto exchange,Password strength, One Time password, OTP, Passwords and browser, Password manager, Accounts checking, Password updates, Two-factor authentication, 2FA variants, 2FA services, Google Authenticator, Authy, Binance Authenticator, Backup, Device Security, Regular Updates, Antivirus, VPN, Exchange account security, Separate e-mail, Anti-phishing, Master Password, WhiteList, Separate device, API keys, IP restriction, Cryptocurrency Security Instructions, Binance, FTX, Bybit, OKX, EXMO, BitMEX, Bitfinex, Binance security, FTX security, Bybit security, OKX security, EXMO security, BitMEX security, Bitfinex security, Exchange security, how to protect my account, how to protect my exchange account, how to create good password
To trade on Binance Spot and Futures markets through the trading terminal, check the boxes next to “Enable Spot and Margin Trading” and “Enable Futures”. To connect to the diary, use the “Enable Reading” keys. Add your IP address to the whitelist if using a static IP.

FTX

To set up security on FTX, go to the exchange website and click on the user icon. Then open "Settings".
Crypto exchange, Accounts security on the crypto exchange,Password strength, One Time password, OTP, Passwords and browser, Password manager, Accounts checking, Password updates, Two-factor authentication, 2FA variants, 2FA services, Google Authenticator, Authy, Binance Authenticator, Backup, Device Security, Regular Updates, Antivirus, VPN, Exchange account security, Separate e-mail, Anti-phishing, Master Password, WhiteList, Separate device, API keys, IP restriction, Cryptocurrency Security Instructions, Binance, FTX, Bybit, OKX, EXMO, BitMEX, Bitfinex, Binance security, FTX security, Bybit security, OKX security, EXMO security, BitMEX security, Bitfinex security, Exchange security, how to protect my account, how to protect my exchange account, how to create good password
In the "Security" tab, enable two-factor authentication via Google Authenticator or Authy. In addition to logging into your account, you can use two-factor authentication to withdraw funds from FTX (enabled by default). You can also set a password and specify a white address for withdrawing funds.
Crypto exchange, Accounts security on the crypto exchange,Password strength, One Time password, OTP, Passwords and browser, Password manager, Accounts checking, Password updates, Two-factor authentication, 2FA variants, 2FA services, Google Authenticator, Authy, Binance Authenticator, Backup, Device Security, Regular Updates, Antivirus, VPN, Exchange account security, Separate e-mail, Anti-phishing, Master Password, WhiteList, Separate device, API keys, IP restriction, Cryptocurrency Security Instructions, Binance, FTX, Bybit, OKX, EXMO, BitMEX, Bitfinex, Binance security, FTX security, Bybit security, OKX security, EXMO security, BitMEX security, Bitfinex security, Exchange security, how to protect my account, how to protect my exchange account, how to create good password
To set up API keys, go to the "Api" tab. Here you can create trading and reading API keys. In the key settings, you can add an IP address to the white list.
Crypto exchange, Accounts security on the crypto exchange,Password strength, One Time password, OTP, Passwords and browser, Password manager, Accounts checking, Password updates, Two-factor authentication, 2FA variants, 2FA services, Google Authenticator, Authy, Binance Authenticator, Backup, Device Security, Regular Updates, Antivirus, VPN, Exchange account security, Separate e-mail, Anti-phishing, Master Password, WhiteList, Separate device, API keys, IP restriction, Cryptocurrency Security Instructions, Binance, FTX, Bybit, OKX, EXMO, BitMEX, Bitfinex, Binance security, FTX security, Bybit security, OKX security, EXMO security, BitMEX security, Bitfinex security, Exchange security, how to protect my account, how to protect my exchange account, how to create good password

Bybit

Bybit account security settings are located in the “Account and Security” section, API keys in the “API” section.
Crypto exchange, Accounts security on the crypto exchange,Password strength, One Time password, OTP, Passwords and browser, Password manager, Accounts checking, Password updates, Two-factor authentication, 2FA variants, 2FA services, Google Authenticator, Authy, Binance Authenticator, Backup, Device Security, Regular Updates, Antivirus, VPN, Exchange account security, Separate e-mail, Anti-phishing, Master Password, WhiteList, Separate device, API keys, IP restriction, Cryptocurrency Security Instructions, Binance, FTX, Bybit, OKX, EXMO, BitMEX, Bitfinex, Binance security, FTX security, Bybit security, OKX security, EXMO security, BitMEX security, Bitfinex security, Exchange security, how to protect my account, how to protect my exchange account, how to create good password
Follow the "Account & Security" section and enable two-factor authentication via Google Authenticator. Without this step, you won't be able to generate API keys.
Crypto exchange, Accounts security on the crypto exchange,Password strength, One Time password, OTP, Passwords and browser, Password manager, Accounts checking, Password updates, Two-factor authentication, 2FA variants, 2FA services, Google Authenticator, Authy, Binance Authenticator, Backup, Device Security, Regular Updates, Antivirus, VPN, Exchange account security, Separate e-mail, Anti-phishing, Master Password, WhiteList, Separate device, API keys, IP restriction, Cryptocurrency Security Instructions, Binance, FTX, Bybit, OKX, EXMO, BitMEX, Bitfinex, Binance security, FTX security, Bybit security, OKX security, EXMO security, BitMEX security, Bitfinex security, Exchange security, how to protect my account, how to protect my exchange account, how to create good password
In the “API” section, you can configure the keys according to the “Reading and Writing” and “Read Only” parameters.
Crypto exchange, Accounts security on the crypto exchange,Password strength, One Time password, OTP, Passwords and browser, Password manager, Accounts checking, Password updates, Two-factor authentication, 2FA variants, 2FA services, Google Authenticator, Authy, Binance Authenticator, Backup, Device Security, Regular Updates, Antivirus, VPN, Exchange account security, Separate e-mail, Anti-phishing, Master Password, WhiteList, Separate device, API keys, IP restriction, Cryptocurrency Security Instructions, Binance, FTX, Bybit, OKX, EXMO, BitMEX, Bitfinex, Binance security, FTX security, Bybit security, OKX security, EXMO security, BitMEX security, Bitfinex security, Exchange security, how to protect my account, how to protect my exchange account, how to create good password
You can also add your IP address to the whitelist.

OKX

On OKX account security settings are located in the “Security Settings” section, key settings in the “API” section.
Crypto exchange, Accounts security on the crypto exchange,Password strength, One Time password, OTP, Passwords and browser, Password manager, Accounts checking, Password updates, Two-factor authentication, 2FA variants, 2FA services, Google Authenticator, Authy, Binance Authenticator, Backup, Device Security, Regular Updates, Antivirus, VPN, Exchange account security, Separate e-mail, Anti-phishing, Master Password, WhiteList, Separate device, API keys, IP restriction, Cryptocurrency Security Instructions, Binance, FTX, Bybit, OKX, EXMO, BitMEX, Bitfinex, Binance security, FTX security, Bybit security, OKX security, EXMO security, BitMEX security, Bitfinex security, Exchange security, how to protect my account, how to protect my exchange account, how to create good password
In the security settings, enable two-factor authentication via Google Authenticator and enter an anti-phishing code. You can also set a password and enable two-factor authentication for withdrawals.
Crypto exchange, Accounts security on the crypto exchange,Password strength, One Time password, OTP, Passwords and browser, Password manager, Accounts checking, Password updates, Two-factor authentication, 2FA variants, 2FA services, Google Authenticator, Authy, Binance Authenticator, Backup, Device Security, Regular Updates, Antivirus, VPN, Exchange account security, Separate e-mail, Anti-phishing, Master Password, WhiteList, Separate device, API keys, IP restriction, Cryptocurrency Security Instructions, Binance, FTX, Bybit, OKX, EXMO, BitMEX, Bitfinex, Binance security, FTX security, Bybit security, OKX security, EXMO security, BitMEX security, Bitfinex security, Exchange security, how to protect my account, how to protect my exchange account, how to create good password
OKX API keys parameters are specified when they are created. You can create "Read" or "Trade" keys, add your IP address to the whitelist and set a password for the API.
Crypto exchange, Accounts security on the crypto exchange,Password strength, One Time password, OTP, Passwords and browser, Password manager, Accounts checking, Password updates, Two-factor authentication, 2FA variants, 2FA services, Google Authenticator, Authy, Binance Authenticator, Backup, Device Security, Regular Updates, Antivirus, VPN, Exchange account security, Separate e-mail, Anti-phishing, Master Password, WhiteList, Separate device, API keys, IP restriction, Cryptocurrency Security Instructions, Binance, FTX, Bybit, OKX, EXMO, BitMEX, Bitfinex, Binance security, FTX security, Bybit security, OKX security, EXMO security, BitMEX security, Bitfinex security, Exchange security, how to protect my account, how to protect my exchange account, how to create good password

EXMO

Go to the EXMO website and click on the username. In the list that appears, open "Settings".
Crypto exchange, Accounts security on the crypto exchange,Password strength, One Time password, OTP, Passwords and browser, Password manager, Accounts checking, Password updates, Two-factor authentication, 2FA variants, 2FA services, Google Authenticator, Authy, Binance Authenticator, Backup, Device Security, Regular Updates, Antivirus, VPN, Exchange account security, Separate e-mail, Anti-phishing, Master Password, WhiteList, Separate device, API keys, IP restriction, Cryptocurrency Security Instructions, Binance, FTX, Bybit, OKX, EXMO, BitMEX, Bitfinex, Binance security, FTX security, Bybit security, OKX security, EXMO security, BitMEX security, Bitfinex security, Exchange security, how to protect my account, how to protect my exchange account, how to create good password
In the "Security" section, enable two-factor authentication via Google Authenticator. In the "API" section, you can add your IP address to the whitelist.
Crypto exchange, Accounts security on the crypto exchange,Password strength, One Time password, OTP, Passwords and browser, Password manager, Accounts checking, Password updates, Two-factor authentication, 2FA variants, 2FA services, Google Authenticator, Authy, Binance Authenticator, Backup, Device Security, Regular Updates, Antivirus, VPN, Exchange account security, Separate e-mail, Anti-phishing, Master Password, WhiteList, Separate device, API keys, IP restriction, Cryptocurrency Security Instructions, Binance, FTX, Bybit, OKX, EXMO, BitMEX, Bitfinex, Binance security, FTX security, Bybit security, OKX security, EXMO security, BitMEX security, Bitfinex security, Exchange security, how to protect my account, how to protect my exchange account, how to create good password

BitMEX

On BitMEX account security settings are located in the “Security Centre” section, API key settings are located in the “API keys” section.
Crypto exchange, Accounts security on the crypto exchange,Password strength, One Time password, OTP, Passwords and browser, Password manager, Accounts checking, Password updates, Two-factor authentication, 2FA variants, 2FA services, Google Authenticator, Authy, Binance Authenticator, Backup, Device Security, Regular Updates, Antivirus, VPN, Exchange account security, Separate e-mail, Anti-phishing, Master Password, WhiteList, Separate device, API keys, IP restriction, Cryptocurrency Security Instructions, Binance, FTX, Bybit, OKX, EXMO, BitMEX, Bitfinex, Binance security, FTX security, Bybit security, OKX security, EXMO security, BitMEX security, Bitfinex security, Exchange security, how to protect my account, how to protect my exchange account, how to create good password
In the security center, enable two-factor authentication via Authy or Google Authenticator. To do this, click "Add TOTP". Add your IP to the whitelist if you have a static IP.
Crypto exchange, Accounts security on the crypto exchange,Password strength, One Time password, OTP, Passwords and browser, Password manager, Accounts checking, Password updates, Two-factor authentication, 2FA variants, 2FA services, Google Authenticator, Authy, Binance Authenticator, Backup, Device Security, Regular Updates, Antivirus, VPN, Exchange account security, Separate e-mail, Anti-phishing, Master Password, WhiteList, Separate device, API keys, IP restriction, Cryptocurrency Security Instructions, Binance, FTX, Bybit, OKX, EXMO, BitMEX, Bitfinex, Binance security, FTX security, Bybit security, OKX security, EXMO security, BitMEX security, Bitfinex security, Exchange security, how to protect my account, how to protect my exchange account, how to create good password
You can also enable PGP email encryption.

BitMEX API keys parameters are set when they are created. You can specify an IP address to restrict the key.
Crypto exchange, Accounts security on the crypto exchange,Password strength, One Time password, OTP, Passwords and browser, Password manager, Accounts checking, Password updates, Two-factor authentication, 2FA variants, 2FA services, Google Authenticator, Authy, Binance Authenticator, Backup, Device Security, Regular Updates, Antivirus, VPN, Exchange account security, Separate e-mail, Anti-phishing, Master Password, WhiteList, Separate device, API keys, IP restriction, Cryptocurrency Security Instructions, Binance, FTX, Bybit, OKX, EXMO, BitMEX, Bitfinex, Binance security, FTX security, Bybit security, OKX security, EXMO security, BitMEX security, Bitfinex security, Exchange security, how to protect my account, how to protect my exchange account, how to create good password
There are currently no other settings for API keys on BitMEX.

Bitfinex

On Bitfinex, security settings are located in the “Security” section, key settings in the “API keys” section.
Crypto exchange, Accounts security on the crypto exchange,Password strength, One Time password, OTP, Passwords and browser, Password manager, Accounts checking, Password updates, Two-factor authentication, 2FA variants, 2FA services, Google Authenticator, Authy, Binance Authenticator, Backup, Device Security, Regular Updates, Antivirus, VPN, Exchange account security, Separate e-mail, Anti-phishing, Master Password, WhiteList, Separate device, API keys, IP restriction, Cryptocurrency Security Instructions, Binance, FTX, Bybit, OKX, EXMO, BitMEX, Bitfinex, Binance security, FTX security, Bybit security, OKX security, EXMO security, BitMEX security, Bitfinex security, Exchange security, how to protect my account, how to protect my exchange account, how to create good password
Enable two-factor authentication with Google Authenticator. You can also configure email encryption, set session parameters, add cryptocurrency withdrawal addresses, and set up withdrawals.
Crypto exchange, Accounts security on the crypto exchange,Password strength, One Time password, OTP, Passwords and browser, Password manager, Accounts checking, Password updates, Two-factor authentication, 2FA variants, 2FA services, Google Authenticator, Authy, Binance Authenticator, Backup, Device Security, Regular Updates, Antivirus, VPN, Exchange account security, Separate e-mail, Anti-phishing, Master Password, WhiteList, Separate device, API keys, IP restriction, Cryptocurrency Security Instructions, Binance, FTX, Bybit, OKX, EXMO, BitMEX, Bitfinex, Binance security, FTX security, Bybit security, OKX security, EXMO security, BitMEX security, Bitfinex security, Exchange security, how to protect my account, how to protect my exchange account, how to create good password
API keys are configured upon creation. If you need keys to trade, enable the "Create and cancel orders" option. Needed keys to read - leave it off.
Crypto exchange, Accounts security on the crypto exchange,Password strength, One Time password, OTP, Passwords and browser, Password manager, Accounts checking, Password updates, Two-factor authentication, 2FA variants, 2FA services, Google Authenticator, Authy, Binance Authenticator, Backup, Device Security, Regular Updates, Antivirus, VPN, Exchange account security, Separate e-mail, Anti-phishing, Master Password, WhiteList, Separate device, API keys, IP restriction, Cryptocurrency Security Instructions, Binance, FTX, Bybit, OKX, EXMO, BitMEX, Bitfinex, Binance security, FTX security, Bybit security, OKX security, EXMO security, BitMEX security, Bitfinex security, Exchange security, how to protect my account, how to protect my exchange account, how to create good password

Conclusion

In real life, traders do not always follow the recommendations from our guide.
We advise you to treat the recommendations as follows: each item makes it harder for a hacker to get into your account. The more recommendations you use, the more secure your account is.
If you keep insignificant assets in your account, then you should not complicate your life. If you keep a lot of money on your account, then you should follow all the rules from the manual in order to "sleep well".

Trader’s Chat

Join our official trader’s chat. Here you can communicate with traders, find trading soulmates and discuss market. See you in our chat!

Don't forget to subscribe our official CScalp news channel and get to know our bot.

If something is not clear, just contact support via Telegram @CScalp_support_bot, you will get an answer in couple of seconds.