Setting up 2-factor authentication (or 2FA for short) for any website that contains your private information or your funds is an absolute must. Here's how it's done:
1. Click "Settings" at the top right corner of the website and open the "Security" tab.
2. Download the application suitable for your device.
There are multiple options when it comes to choosing the right 2FA application:
Authy can be installed both on your desktop and mobile device. You may find a short installation guide for the Authy mobile app below.
3. In Authy, set up an account and log in (you will need to enter your current phone number to confirm the account).
4. Tap on three dots in the top right corner to open the Settings page.
5. On the Account tab, add an email address and enable backups to be able to recover the codes in case you lose access to your current device.
6. Go back to the main screen and press +; you will be asked to scan a QR code or enter the key manually (you can find both on your Security page: https://exchange.bitcoin.com/settings/security
7. Print out or write down your backup code and keep it in a safe place. If your device is broken, lost, or stolen, this will be the only way to log in without asking for assistance from our support team.
8. Enter the code from your app and click the "Confirm" button.
9. Check your mailbox: an email with a confirmation link should arrive. Click it within 10 minutes, before the link has expired.
Great! You are all set.
Now, 2FA is enabled on your account. You will be asked to enter the code with your next and every attempt to log into your account. You will also need to enter the code to confirm every withdrawal of funds from your account.
If you would like to use Authy on your desktop as well, you can download the app at https://authy.com/download/ and install it on your computer. As you have already set up an Authy account on your smartphone, all you need is to authorize the new device.
Google Authenticator and FreeOTP have similar installation processes however there is no desktop version of these apps. Also, Google Authenticator is not transferable to a new device - if you lose access to your smartphone, you will not be able to recover Google Authenticator on a new one.
Note: Please keep in mind that 2FA is not a 100% safety guarantee. 2FA codes can be stolen via phishing, or the code-generating device might be compromised. 2FA should not be your only hope, it has to be one of the many precautions you're taking.