It is critically important to set up 2-factor authentication (or 2FA for short) for any website that contains your private information or your funds. Here's how to do it on HitBTC:
1. Open the “Security” tab in your Settings, click "Add 2FA App".
2. Write down the backup code. It's very important to do it and to keep it safe. Click "Confirm".
3. You will see the QR code, which has to be scanned by the code-generating app. Don't close this window. Now it's time to pick up your smartphone.
Find and download the code-generating app which you like. There are several excellent options:
- Authy on the official website
- FreeOTP in App Store
- Google Authenticator in Google Play
Authy can be installed both on your desktop and mobile device. Below please find a brief Authy mobile app installation guide.
4. In Authy, set up an account and log in (you will need to enter your current phone number to confirm the account). Before proceeding further, be sure to go to "Settings" and enable the "Backups" option! This might save you in case your device gets lost.
5. Tap the "+" icon on the bottom. You will be asked to scan a QR code or enter the key manually. Both of these options are still displayed on your computer screen since step 3.
Point your camera at the QR code. It will be scanned, and Authy will display your authentication code immediately. Click "Next", type this code from your phone and click "confirm".
6. Check your mailbox: there should be an email with your confirmation link. Click it within 10 minutes, before the link has expired.
Great! You are all set, 2FA is enabled on your HitBTC account. With every login and withdrawal attempt, you will be asked to enter the 2FA code.
If you would like to use Authy on your desktop as well, you can download and install it.
Google Authenticator and FreeOTP are installed following a very similar process, except that no desktop versions of these apps are available. Another consideration when choosing the right authenticator app for you is that Google Authenticator is not transferable to a new device, so – if you lose access to your smartphone, you will not be able to recover Google Authenticator on a new one.
Note: Please keep in mind that 2FA is not a 100% security guarantee. 2FA code can be stolen via phishing, or a code-generating device might be compromised. You should not pin all your hopes on 2FA; ideally, it should be only one of the many precautions you're taking.
Do not see a confirmation email in your mailbox? Try these recommendations.
Lost your 2FA device/deleted app? These tips will help you.
We also have Yubi Key 2FA supported! Check it out. You can even have both types of 2FA enabled on your account at the same time.
2FA codes do not work? Read this article.