Crypto exchanges such as Binance and OKX, which are known for their leading positions in the market, have sent their users warning emails about important changes related to Google Authenticator. Here are the details…
Binance warns users about Google Authenticator
In the warning message sent by Binance, it was announced that one-time verification codes created by Google Authenticator, which offers two-factor protection, can now be obtained and stored on multiple devices, which brings potential risks. The warning emphasized certain points that users should pay attention to. As part of the new feature, Google Authenticator allows one-time verification codes to be received and stored on multiple devices using a single Google account. While this may seem like a useful feature, it also poses a real security risk for Binance accounts.
In the email, users were warned that all one-time codes associated with their Binance account, including those crucial to cryptocurrency funds, could be compromised if their Google account is hacked or compromised. Additionally, Binance reminded users to “disable the Google Cloud sync feature for two-factor authentication (2FA) to ensure the security of their crypto funds.”
As a result, one-time Authenticator codes will now be received using a single Google account. It can also be stored on multiple devices. While this feature may seem useful, it poses a security risk to the Binance account. All your one-time codes could be vulnerable if your Google account is compromised or hacked. “To protect the security of your crypto funds, we highly recommend disabling the Google Cloud sync feature for two-factor authentication (2FA) on Binance,” the exchange says. Instead, it recommends users use the 2FA alternative, Binance Authenticator.
What is Google Authenticator?
Apps like Google Authenticator provide an additional layer of security when accessing and transacting with crypto exchange accounts like Binance. The application generates a verification code required to access exchange accounts. This code is only generated by the Google Authenticator app installed on the user’s physical device. As a result, simply having a username and password is not enough for an attacker. They must also have the verification code.
2FA verification is a crucial layer of security to add to your online accounts. However, if you receive the codes via text message, you are vulnerable to attacks. A better way to manage these quick codes has so far been to use an authenticator app like Google Authenticator or Twilio Authy. When you use an authenticator app, multi-factor codes can be used within the app instead of a text.