- Should you keep Crypto-assets on an exchange account or a hardware wallet?
- Are you scared of losing your funds on an exchange?
- Do you worry about what would happen if the exchange shuts down?
Well, you are not alone in worrying and fearing such thoughts, as this is perhaps the most frequently asked questions by newbies. And, in this “How to secure crypto exchange account” guide, you will find an answer to all your questions. It doesn’t matter if you are using Binance exchange, or any other popular cryptocurrency exchange, as long as you are using an exchange to buy/sell cryptocurrencies or holding your cryptocurrencies, this guide is what you need. In fact, share this guide with your friends and family who are dabbling into the world of cryptocurrencies.
A little backstory…
Cryptocurrencies have opened up pandora’s box for many of us, and since it is not regulated like traditional finance, there are very few provisions for customer protection. As I always say “First comes the innovation and then comes the regulation“. It would be just a matter of time when a lot more countries would start putting the rules and regulations to regulate the world of cryptocurrencies.
Until that happens, there are things you could do to stay compliant and secure. It does not matter which country you are from, these safeguard mechanisms would ensure your own safety and help you in an event of a catastrophic situation.
Also check out: Online security 101
Binance Hack Story: An event that could happen to anyone:
Anyone who is working in the space of crypto-assets as a trader or investor is not immune to hacking. It can happen to anyone, and when it happens, it would give sleepless nights.
The other day, my Binance account was hacked, and seems like a hacker got access to my account using API Key. Since my API key only had trading functions enabled, luckily I didn’t lose any funds, but it started an event of back and forth with customer support of Binance exchange. As, because of erratic trading on my account by the hacker, the Binance engine figured out something is wrong with the account, and they paused the trading function and sent me this email.
Like it or not, even the most popular exchanges are struggling with keeping users’ support demand, and it took me over 4 days to get my account access back.
Here are the informations asked by Binance team to restore all functions of my account.
But this event reminded me a lot of things, and I realized even being a techie, they hacked me, how about millions of other users who are not so tech-savvy, how will they keep their Binance account secure?
However, my hack was because of a silly error that I made, and perhaps I will tell you that story in my YouTube videos. For now, let’s learn how to secure your Binance account.
Here, I’m adding all the things you could do from today to ensure the safety and security of your Binance account. These methods apply to all the crypto exchanges out there and are not limited to Binance only. As long as you are using a crypto exchange, you should be following all the steps to ensure your account remains secure. Some of the safeguarding mechanisms you should do once in a while, to ensure your crypto exchange account is safe and secure.
Let’s learn how to keep your Binance account secure.
Steps to keep your Binance account Safe and Secure:
One of the biggest mistakes a lot of users make is by using their exchange account as a wallet. This is a big mistake, as your exchange account is always targeted by hackers, and sometimes the entire funds of an account were hacked (Read about Mt. Gox hack), or sometimes the exchange CEO runs away with the user funds. I’m not saying you would face the same with Binance, as they are too big and they have one of the best security measures in place, however, there are possibilities of such events with any exchange in the world. If a crypto exchange got hacked, they might file for bankruptcy, and you won’t be able to retrieve your funds.
I understand you might keep funds on Binance or exchanges to take advantage of their saving account feature, but again it is risky. It is alright to keep those funds on an exchange that you need for trading. However, move your funds to a cold wallet such as Ledger Nano X (hardware wallet), which is the safest way to secure your funds. In fact, a wallet like Ledger also helps in the staking of your coin, and you can connect it with Metamask to enjoy all the features directly.
This might not be an ideal situation for many of you, and it is ok. But rule remains the same; exchanges are prone to hacking, and always remember “Not Your Keys, Not Your Coins”.
2. Secure your email account
Your email account is an important piece of the puzzle, that you need to secure. If you are dealing with a large sum of funds, you are better off creating a separate email account for crypto exchange sign up. Make sure you use a complex password (start using a password manager), and setup 2FA for your email.
A lot of users might find this inconvenient, and if you are one of them and don’t want to do this, at least ensure your email account is super safe and secure.
3. Backup Key while setting up 2FA:
Every exchange including Binance offers a 2-factor authentication feature, and I have earlier published a detailed guide on how to use 2 Factor authentication. Make sure you are using 2FA, and while setting up 2FA, you note down the backup key on a piece of paper. This backup key will let you restore 2FA in case if you lose access to your phone. This will also save a lot of hassle in the near future.
If you want to take your Binance account security to the next level, you can use a security key like Yubikey. This is a physical device, and you need to tap the physical device button to enable 2FA. This is useful for those who have significant funds on an exchange account. I believe this feature is unique for Binance exchange, as I have not seen many exchanges having this feature.
Along with this, make sure you enable SMS authentication and E-mail address authentication, which will be used for every deposit/withdrawals you are making. Many users find it annoying, but this is perhaps the best way to secure your account.
Read more about 2FA:
4. Whitelist address:
This is an underutilized feature of Binance exchange, which safeguards you from funds withdrawal when your account is hacked. Using this feature, you can allow withdrawals to the addresses that you have whitelisted.
“Address Management allows you to save and write memos for each of your withdrawal addresses. The optional Whitelist function helps protect your funds by only allowing withdrawals to whitelisted addresses.”
Again, you may find this feature annoying as when you need to withdraw funds to a new address, you first need to add that address as a whitelist, but compared to the pain of losing your funds, this step is a piece of cake.
5. Anti-phishing Code
By setting up an Anti-Phishing Code, you will tell if your notification emails are coming from Binance or phishing attempts. This is a great way to find out if something is attempting a phishing attack. You can enable this and all the above features by going to the Profile > security tab on your Binance web app.
6. Device management:
This feature let you see which all devices have access to your Binance account and revisit this once every few months. Remove any device that you don’t recognize, or remove your old devices to maintain the top security of your Binance exchange account.
7. Binance API key Security
Another sure shot way to get your Binance account hacked is by exposing your Binance API key to others, or using it on a less trusted website. There are a few things you could do to mitigate this risk:
- Create Binance API Key only when necessary.
- Use only high quality and trusted 3rd party website where you are adding your API Key
- Never give deposit/withdrawal permission when creating API Key
- Delete unused API Key
Conclusion: Binance hacked – Securing your Binance account
Once your Binance account is hacked, there are only little things you could do. One of them is getting in touch with the Binance support team, and before that, you can also disable your Binance account from the Binance security center.
You should ensure that you never get to that stage where your account is hacked, and you might end up experiencing endless sleepless night. Keeping all the above security check on your Binance account will help you to keep your account safe and secure.
By the end of the day, know that being a new industry, cryptocurrency world is full of scammers and hackers who would not miss out on an opportunity to derail your financial life. A famous saying in the world of cryptocurrency is “You are your own bank”, and that meant; even if you have no experience of online security, you need to learn it and ensure the safety and security of your online accounts and crypto-assets.
There are many more things you could do to improve your overall security of crypto-assets, and here are those tutorials which will guide you:
Harsh Agrawal is the Crypto exchange and bots expert for CoinSutra. He founded CoinSutra in 2016, and one of the industry’s most regarded professional blogger in the fin-tech space.
An award-winning blogger with a track record of 10+ years. He has a background in both finance and technology and holds professional qualifications in Information technology.
An international speaker and author who loves blockchain and crypto world.
After discovering about decentralized finance and with his background of Information technology, he made his mission to help others learn and get started with it via CoinSutra.
Join us via email and social channels to get the latest updates straight to your inbox.