You Can Now Use Hardware Security Keys on Binance

2019-06-28

Binance has added a new security feature: two-factor authentication (2FA) through hardware security keys. Incorporated into the newly-redesigned Binance website, this new feature allows Binance customers to use a more secure method of verification for your actions on your Binance account. This is in addition to the SMS and Google Authenticator options supported on the website and apps.

The Binance website, both on desktop/laptop and mobile, now supports the FIDO2 open authentication standard. This means that 2FA devices that support this standard, like YubiKey, Trezor, and others, can be used as security keys for your Binance accounts. This means that for as long as you have security keys that you can use on your device, you can take advantage of this feature. 

Note: As of now, the Binance apps do not support security key 2FA. We’re working on enabling support on the app soon. In case you activate the security key option, you’ll only be able to withdraw using the Binance.com website, but you’ll still be able to log in through the other 2FA methods.

What Are Hardware Security Keys and What Do They Do?

To understand how hardware security keys work, let’s first discuss 2FA briefly.

At Binance, we encourage users to enable 2FA, through which when you log in or withdraw, you’re asked to verify as a second layer of security that it is indeed you who is accessing your account.

Previously, the options available on Binance.com for 2FA are SMS Authentication and Google Authentication, which are both useful methods for securing your account. For both options, you are sent a six-digit passcode that is usable for a limited time to verify your access. For SMS, you receive the code via a text message, while for Google Authenticator, the app generates a code that changes every few seconds.

Doing 2FA via hardware security keys works a bit differently. With hardware security keys like YubiKeys, you just plug in your hardware key to the USB or Type-C port of your desktop/laptop or phone, and the key completes the verification for you. In the case of your Binance account, when you’re prompted to attach your key and you do so, it confirms that your withdrawal transaction is legitimate.

What Are the Benefits of Using Hardware Security Keys?

Enabling 2FA on Binance is always a good security practice. Authentication via SMS and Google Authenticator carry some security and convenience advantages since you can verify your access using your phone, which is something you have with you constantly. However, these solutions are software-based, and on their own, they can be compromised when, say, a sophisticated hacker gets access to your SMS messages or the code from your Google Authenticator app. 

Hence, hardware keys offer stronger security than the software methods of 2FA. With hardware keys, you get the following benefits:

1. Better, more tangible security. Enabling 2FA via security keys is more secure and tangible than 2FA options associated with a phone number or an app-generated code, which can be susceptible to attacks. Through security key 2FA, users are required to plug in their keys physically into USB or Type-C ports. A user then touches or clicks the button on the security key to generate a random security code, thus substantially enhancing security.

2. Anti-phishing. By default, the security key is bound with the real Binance.com when the user registers it with Binance account. With security key 2FA, the security key will verify the website address as well. Thus, phishing attacks will be mitigated.

3. Exclusivity. An account can only be registered with one security key. With this being done, it will only authenticate the registered device. Plus, the security key will generate a unique security key for each verification, bringing an extra level of security to your account and digital assets.

How to Use Security Keys on Binance?

Now that we discussed how security keys work, we now show you how to use Yubikey for your Binance account. Please note that security key 2FA only works on the desktop/laptop and mobile web versions of Binance.com at the moment, and not on the Binance apps

1. On your account’s user center, click the Security tab. Under 2FA, click the "Setup" button for Security Key. Tip: YubiKey is the name displayed next to Security Key, but any key that supports the FIDO2 standard can be used here.

2. Insert your security into an available USB or Type-C port (depending on your device) and press the button within 60 seconds. Once that’s done, you can label your hardware keys if you want.

3. Check the email you use for your Binance account to verify that you have enabled YubiKey. 

And just like that, you have enabled better protection for your account. In case you need to deactivate your security key 2FA, follow the steps on this guide.

Note: By activating YubiKey verification, you will only be able to validate withdrawal requests through your hardware key. Binance apps do not support YubiKey at the moment. YubiKey verification is only supported in the following browsers: Chrome v49.0 or later, Opera v42 or later.