What is Two-Factor-Authentication (2FA)?

Two-Factor-Authentication (2FA) is an additional layer of security that is implemented by a majority of online crypto-exchanges. 2FA is a subset of Multi-Factor-Authentication (MFA) in that 2FA requires two pieces of information whereas MFA calls for 2 or more pieces of evidence. In both MFA and 2FA, information only known to the correct user is required before authentication is achieved. To verify an individual’s identity and decrease the chance that your exchange account is hijacked by a malicious user, you can activate 2FA and make it such that the 2FA code in addition to their username and password is required to gain access to the account. In the same way that you may not gain access to an ATM without both a bank card and its corresponding Personal Identification Number (PIN), users must present an additional piece of information (i.e. their account’s corresponding 2FA code) when using a 2FA activated exchange account. 2FA is not a new concept and has become more popular in digital implementation and is widely recommended when using exchanges as it provides a meaningful layer of security at an arguably low cost to the user.

Although various methods exist, the most popular way to generate and manage 2FA codes is through Google’s Authenticator application. Authenticator allows people to link their exchange accounts to their application by scanning the QR code provided by the exchange when 2FA setup is prompted. Authenticator provides users with a clever way of managing their 2FA linked accounts by making use of one-time-passwords. These one-time-passwords are generated using a shared secret key on a periodic basis by both the Authenticator application and the exchange to which the application is linked. This action has the consequence of requiring direct access to the user’s 2FA device in the correct time frame to login to the account.

2FA’s primary effect is to inhibit phishing scams and online identity theft. The use of 2FA applications like Authenticator bolster your cyber security by requiring that a prospective hacker must gain access to your account information as well as your 2FA code (which would require direct access to the 2FA device or the shared secret key). Though 2FA provides an extra means of security, you must be cautious in what devices are used to access exchange accounts as compromised machines may grant malicious users access to your login information and 2FA code which would enable them to initiate an alternate log-in.

Leave a Reply

Your email address will not be published.

Fred Pye

Frederick T. Pye


Frederick T. Pye is the Chairman, Chief Executive Officer and Director of 3iQ Corp. He is also the Chairman and Director of 3iQ Digital Holdings Inc. Mr. Pye is recognized for creating and promoting creative and unique investment products for the investment industry.

Mr. Pye has managed private client portfolios with Landry Investment Management and various other investment dealers. Prior to this Mr. Pye was Founder, President & Chief Executive Officer of Argentum Management and Research Corporation, a company dedicated to managing and distributing quantitative investment portfolios including the first long-short mutual fund in Canada.

He was also Senior Vice-President and National Sales Manager of Fidelity Investments Canada and an integral part of the team that saw assets rise from $80 million to over $7.5 billion in assets under management during his tenure. He also held various positions with Guardian Trust Company, which listed the first Gold, Silver and Platinum Certificates on the Montreal Exchange.

Mr. Pye obtained a Masters in Business Administration from Concordia University.