How To Be SafeThese days, it seems like everybody's getting hacked- Bitfinex, Mt. Gox, you name it! But what about your Crypto-Games account? It's definitely a possibility, so we've created this article to help you secure your account- and help you do it right!
2FA2FA has been a very good technological advance in terms of protection- unfortunately, you'll need a phone to do this, but it's a very good way to secure your account. The most common way of utilizing this method of security is to simply turn it on! 2FA will send a text to your phone asking for confirmation that you want to use this as your 2FA device. Once you enter a code to confirm it, you'll be all set! Each time you login, you'll need to use a code sent to your phone- this can be a hassle, but assuming you've already logged into your account on one device, you won't need to use 2FA for a while. While not the most secure way of protecting your account in the world, 2FA ensures that both devices (computer and phone) are needed to log into an account, thereby increasing security. 2FA can also be hacked- yes, it is possible because no security method is unbreakable That's why we recommend putting up multiple layers of security, so that if one layer fails, there's redundant layers to stop it. An example of a potential threat can be found on Androids where some screensavers CAN view your phone's screen and potentially hack your 2FA or PIN. More ways 2FA can be hacked are:
- Someone could gain access to your 2FA device or OTP list (lost or stolen phone, device, or OTP lists).
- A malicious application (like a trojan horse) that you install on your device steals your 2FA data.
- Real-Time Phishing (the phisher asks for your OTP, then uses it immediately).
- Insecure set up (for example, using Google Voice with your SMS based 2FA).
- Man in the middle attacks (hackers insert themselves between your web browser and the web site, and steal your 2FA credentials as they are transferred).
- Phishers pretending to be technical support tricking you into disabling your 2FA.
- Phishers pretending to be you trick your technical or customer service support into disabling your 2FA.
- Getting access to your 2FA via hacking some other related site (for example, breaching your cell phone provider's web site).