1. Home
  2. Q&A
  3. Account security
  4. Two-factor authentication (2FA)

Two-factor authentication (2FA)

Why do I need two-factor authentication?

Two-factor authentication is a ‘must-have’ security measure for securing all financial services in the 21st-century. Besides the standard password, 2FA involves entering a one-time code each time you log into your account or attempt to withdraw funds.

Therefore, if by chance, malicious attackers have access to your username and password, it will not be possible for them to access your account and use your funds without a one-time code.

Core advantages of two-factor authentication are as follows:

  • You do not need additional facilities for work because authentication is performed via a mobile device, which is usually within reach.
  • The confirmation code is always new and more secure than a single password.

How to enable two-factor authentication?

You can enable two-factor authentication in the account settings on EXMO.com in the “Security” section. Step-by-step instructions are available at the link.

What does 2FA "Account sign-in" mean?

After activating the “Account sign-in” feature, you will receive a unique one-time code while you log into your account. You will have to enter this code each time, along with your login and password. You can get such a code via push notifications in the EXMO.com mobile app or through Google Authentication installed on your phone.

What does 2FA "Account sign-in and fund withdrawal" mean?

The “Account sign-in and fund withdrawal” feature enhances your account’s security. In addition to your login and password, you will need to enter a unique one-time code each time you change your profile settings, withdraw funds, or log into your account. You can get such a code via push notifications in the EXMO.com mobile app or through Google Authentication installed on your phone.

What does it mean to use 2FA "Account sign-in and fund withdrawal" - "Allow skipping 2FA when withdrawing funds to wallets from "Templates"?

If you select the box “Allow skipping 2FA when withdrawing funds to wallets from “Templates” that means you have selected “Account sign-in and fund withdrawal”. A confirmation will no longer be required when withdrawing funds, as the details are already stored in “Templates”.

Please note that if you have previously made a withdrawal on your account, but the details were not saved to “Templates” or you carried out a new transaction, you will need to confirm the withdrawal and select the authentication type used before.

How do I turn off two-factor authentication?

In order to disable two-factor authentication on your EXMO.com account, go to the “Security” section of the Profile Settings. Then turn it off by clicking on the slide button.

What is Google Authenticator and how does it work?

Google Authenticator is an app for generating one-time authentication (TOTP) codes. The application is supported by Android phones, iPhone and BlackBerry, and can also work without an Internet connection.

The user needs to install the application on the selected device to generate random codes. These codes must be entered in the appropriate field when changing profile settings, withdrawing funds or logging into an account. In addition to the mobile app, browser plugins are available (for example, an extension for Google Chrome).

Follow the link to learn how to set up Google Authenticator.

What should I do if I haven’t received a push notification with a 2FA code?

You may not receive a push notification to log into your account or confirm fund withdrawals for the following reasons:

  • You do not have the EXMO.com app installed or you are not logged into your account.
  • You have turned off notifications for the EXMO.com app.
  • Your phone is out of network coverage, it cannot access mobile data or Wi-Fi.
  • Phone software freeze. In this case, the push notification is received after updating the network connection or rebooting the device.
  • Problems with mobile operators.

Please don’t send the request to resend the code via push notification multiple times in a short period of time. It’s better to request it after 10 minutes. If you haven’t received a push within 30 minutes, please contact EXMO.com support.