All About 2FA
What is two-step verification?
Two-factor authentication (2FA) is an extra layer of security for your password. When 2FA is enabled on your account, you will need to provide your 2FA code when performing certain actions in the app.
How does TOTP work?
Crypto.com uses a Time-based One-time Password (TOTP) for two-factor authentication, which involves generating a unique 6-digit temporary one-time code* that only lasts 30 seconds. To perform any actions that will affect your assets, you will need to enter this code in addition to the regular password. *Please keep in mind that the code should consist of numbers only.
What actions in Crypto.com app can trigger 2FA?
- Sending crypto to other users of the app
- Crypto Withdrawal
- Fiat Pull
- White Wallet Address List
Keep in mind that once 2FA is enabled, it becomes mandatory for all types of transactions (crypto or fiat withdrawal, white wallet address list, gift card purchase, mobile airtime, etc.) when you use an untrusted device. How to set up 2FA? Please refer to thestep-by-step guide.
What verifiers should I use?
Providing strong security and an excellent user experience is always our top priority and we support a variety of validators. There is an excellent authentication app that we would recommend – Authy (Android) / Twilio Authy (iOS). Authy not only supports the creation of 6-digit code that is as time-dependent as other validators on the market, but also offers the following features:
Multi-device support
2FA tokens automatically sync to any new device you approve. If a device is lost, stolen, or retired, you can simply deauthorize it from any authorized device.
Encrypted backups to restore
Authy utilizes encrypted backups in the cloud. If you lose your phone, you can still access Authy (Android) / Twilio Authy (iOS) accounts from other devices Please note that we support a variety of authenticators, and you can also use other authenticators like Google Authenticator, and change to Authy (Android) / Twilio Authy (iOS) at any time. How to activate 2FA? From the Crypto.com app menu, tap Security > Settings > two-factor authentication > turn on 2FA. Verify with your passkey if it's set up, or enter your passcode. Scan the QR code with a verification app or copy the code to add it manually by clicking on the small pages icon. Reduce the Crypto.com app and open the authenticator app. In the authenticator app, select Add a new account. So, select the option to manually enter the secret key (the long code we copied). Paste the code into the text field by long-pressing it (you should see the option to paste). Save your changes. The authenticator app will start generating 2FA codes with a validity of 30 seconds. Please keep in mind that the code should consist of numbers only. Click and hold the generated 6-digit code in the validator app to copy it. (Please make sure you can complete step 9 in the next 30 seconds). Open the Crypto.com app. After entering your regular passcode again, click the blue “Proceed to verify” button and then paste the 6-digit code from the authenticator app.
