2FA - Don't lose your funds. Protect your account!

Using just your username and password to log into a website is called one-factor authentication. If your email was stolen, a hacker would only need your password or could try different passwords to access your account.

Two-factor authentication requires another check. On Deribit this is done by an app on your phone that gives out a code that you need to enter in addition to your password. This extra check makes it much more difficult to get hacked since a hacker would need to get hold of your phone.

Two-factor authentication, TFA or 2FA, is a more secure way of sign-in  that requires more than just a password. Without TFA, the account is less secure, because the password is the only security factor (layer of the security) in that case. 2FA provides an extra security layer by requiring additional information to sign in. This additional information is a code that’s generated on your smartphone or tablet. This code is generated by special security applications (for example, Google Authenticator or any other from your App Store or Playmarket).  In the case of Deribit, two factors of security include: something you know (a unique username and password) and something you have (a smartphone or tablet) to approve authentication requests.

Deribit TFA code is the so-called Time-based One-Time Passcode (TOTP). TOTP is a variant of a hash-based message authentication code, see description of the standard RFC 6238. It combines a secret key with the current timestamp using a cryptographic hash function to generate a one-time password. The generated TOTP is valid in 30-second intervals, so you may need to check and adjust properly your system clock and time zone on your smartphone or tablet.

Further reading: Google Authenticator (iOS), Google Authenticator (Android), TFA in Wikipedia

Step 1

Download “Google Authenticator” app on your phone

Step 2

Go to the security tab of your account

Step 3

Click on “ENABLE TWO FACTOR AUTHENTICATION”

Step 4

Open your Google Authenticator app and usually to add it, you need to press the “+” symbol on the bottom right corner of the app or follow instructions to add an account or scan the barcode.

Step 5

Scan the Deribit barcode using your Google Authenticator app and enter the code from your app in the box under point 3. Be sure to write down your recovery codes for safe keeping (do not store these in your email or share them with anybody else).

Step 6

Never share your password or 2FA code with anyone including anyone who says they are Deribit staff (Deribit staff will never ask you for these).