Security is a top priority at DigiFinex. While we do everything to keep your account secure, you also have the power to greatly increase the security of your DigiFinex account.
In this article, we describe a few simple steps that you can take to secure your account, along with general good habits that you should keep in mind. Just like you, it’s in our interest to keep your account safe. The blockchain industry is growing fast, so creating a more secure environment will benefit us all.
So what are the steps you can take to increase the security of your DigiFinex account?
1. Use a strong password and change it regularly
This may sound quite obvious, but it’s an essential step for securing your DigiFinex account. You should use strong and unique passwords for every one of your accounts on the Internet. This is especially true for those that hold value – like your cryptocurrency exchange account. Ideally, these passwords should be more than eight characters long, containing both uppercase and lowercase letters, numbers, and special characters.
One of the best ways to generate, manage, and store secure passwords are password managers. This way, you can hold and manage your different passwords in a secure and convenient way, all in the same place. Most password managers will employ sophisticated encryption mechanisms to provide an additional layer of protection. Be sure to only use trusted password manager software, and of course, create a strong master password.
Having a strong password is an excellent first step, but it doesn’t mean you’re set forever. It’s also good practice to change your passwords regularly, as attackers may have ways to obtain your passwords regardless. This is not only true for your DigiFinex account, but also your email associated with your DigiFinex account.
While we’re at your email, here’s another point to consider – it’s beneficial to use different email addresses for different accounts. This way, you can mitigate some of the potentially detrimental effects of data breaches. Especially if you’re using an old email account, there’s a high chance that it has been part of a breach in the past. However, if you’re using dedicated email addresses for each service, there’s a smaller chance that a breach will affect multiple of your accounts. The website Have I Been Pwned is a great resource to check if any of your accounts were ever the victim of a data breach.
Please note that once you change the password of your DigiFinex account, you won’t be able to withdraw funds in the following 24 hours. This is to prevent potential attackers from locking you out of your account while withdrawing your funds.
2. Enable Two-Factor Authentication (2FA)
Activating Two-Factor Authentication (2FA) should be among the first things you do after creating a DigiFinex account. DigiFinex supports two types of 2FA: SMS and Google Authentication. Out of these two, we recommend Google Authenticator. Just make sure to write down your reset key in case you need to transfer your 2FA codes to a new mobile phone.
While SMS authentication may be easier to use, it’s deemed less secure than Google Authenticator. SIM swapping is a real threat, and some high profile accounts have been a victim of this technique. In 2019, Twitter CEO Jack Dorsey was hacked with this method, leaving attackers free reign over his Twitter account with millions of followers.
These aren’t the only ways to secure your account with 2FA. We’ll shortly discuss another method called Universal 2nd Factor (U2F) authentication. It involves a secure hardware device that protects your account. And good news, DigiFinex supports that too!
3. Learn about phishing
Phishing is a type of attack where a malicious actor tries to pose as someone else (for example, a business) to obtain your personal information. It’s one of the most common attacks out there, and you should be wary of it.
As a general rule of thumb, it’s best to only visit DigiFinex from a saved bookmark instead of typing the address each time. If you haven’t already, feel free to bookmark the link right now: https://www.DigiFinex.io. With this simple step, you can already avoid a good chunk of the fake DigiFinex websites that aim to trick you into getting access to your account information.
The Anti-Phishing Code feature allows you to set a unique code to be included in all your DigiFinex notification emails. By enabling the Anti-Phishing code, you’ll be able to tell if the notification emails you’re receiving from DigiFinex are genuine. If you’d like to learn more about how to use it, check out our Anti-Phishing Code Guide.
Would you like to learn about other ways to avoid phishing? Check out What is Phishing?.
4. Follow API security guidelines
The DigiFinex API is an excellent way for more advanced traders to maximize their experience with the DigiFinex trading engine. The DigiFinex API allows you to create custom trading strategies.
However, using API keys brings some risks because you’re allowing your data to be shared with external applications. When you’re using the DigiFinex API, you should consider restricting access based on IP address. This way, only the whitelisted IP addresses will be enabled. You should also consider changing your API keys regularly, and avoid giving your keys to external parties.
Keeping your DigiFinex account secure is an important consideration. We went through some of the simple steps you can take to protect your account and keep hackers from accessing your precious bitcoins and altcoins.
If you’d like to check your current security level, go to your Security dashboard. If you’re using the DigiFinex app, go to the “Security” section of your “Account” tab.
If you’d like to be even more informed, be sure to check out our articles on other security-related topics on DigiFinex Academy!