What is 2FA?


Two-factor authentication, also known as 2FA, is a two step verification system and a subset of multi-factor authentication. This layer of security is a method of confirming a user's claimed identity by utilizing a combination of two different factors (something a user knows and directly has on hand) in addition to a username and password.


At CoinExchange.io, we employ the use of Google Authenticator as our 2FA layer of security. Google Authenticator generates two step verification codes on your phone or mobile device.

This two step verification provides stronger security for your CoinExchange.io account by requiring an additional step of verification when you sign in. In addition to your username and password, you will also need a code generated by the Google Authenticator app on your phone or mobile device.


Visit the link below to download the app for Android (Google Play Store) or Apple (iTunes).


Android:    https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2&hl=en

Apple:        https://itunes.apple.com/au/app/google-authenticator/id388497605?mt=8



Setting Up 2FA on your account.

  • In order to enable 2FA on your account, click Settings followed by Manage Google Authenticator and follow the instructions.
  • Use the Google Authenticator app to scan the barcode present on the screen, doing this will add your CoinExhange.io user account to the app. The code within Google Authenticator will then refresh with a new 6 digit number every 30 seconds.
  • Simply enter the code currently displayed on your device and then press Confirm Google Authentication Code, your Google Authenticator setup should now be successful.
  • Ensure that no spaces are present between digits when entering your 2FA code.



Removal of 2FA from your account.

  • In order to remove 2FA from your account, click Settings followed by Manage Google Authenticator.
  • Simply enter the current Google Authentication code displayed within the app on your device and the click on the Remove Google Authenticator button. Your 2FA should now be removed from your account. You can re-enable at a later stage.
  • It is highly recommended to re-enable 2FA as soon as possible for additional security.



Backing up the secret code.


Please ensure to write down and store the Google secret code (displayed on the setup screen when first enabling 2FA on your account) somewhere safe, in case you lose your phone or mobile device. You are also able to take a photo or screenshot of the secret code and print it out. This secret code allows you to enable 2FA from another device in the event you lose or damage your phone or mobile device. If you forgot to record the 2FA secret code when enabling 2FA on your account, you will need to remove 2FA and write the secret code down when re-enabling 2FA.



If you are experiencing other issues with Google Authenticator:


Please refer to Google's documentation on their product page linked below:


https://support.google.com/accounts/answer/1066447?hl=en&vid=0-687893835478-1495311380164


If you are using a new phone or mobile device, you will need to transfer your Google Authenticator to your new phone or mobile device and manually add each app with the secret code you initially used to enable it. Google does not have great documentation on this process, but try these articles:


https://support.google.com/accounts/troubleshooter/4430955?hl=en#ts=4430956


https://productforums.google.com/forum/#!topic/gmail/mWZvnPPElas



What to do if you lose or can no longer access your device containing your 2FA?


If you have lost or no longer have access to your Google Authenticator device please create a support ticket and follow these steps to help us restore access to your account:


1. Please let us know as accurately as possible what balances you had in your account.

2. Please also let us know the amount and currency of the last deposit to your account.

3. Please provide at least one IP address that you have logged in with in recently.

4. Please let us know your username.

5. Please let us know the exact email address you used to register your CoinExchange.io account.


With this information we will be able to verify we are actually talking to the account owner and will be able to remove your 2FA so you can log into your account again.



2FA troubleshooting.

  • The most common cause for two factor failures is that the clock on your phone or mobile device has expired.
  • There is only a 30 second window for 2FA confirmations.
  • If your clock has wavered outside of this time frame, you will NOT be able to login.


Please ensure your phone is configured to sync with your cellular network.