What is Two-Factor Authentication (2FA)

Your crypto’s second line of defense!

In an industry where a security breach can result in irrevocable losses, it is imperative to engage protective measures such as Two-Factor Authentication (2FA). At Uphold, the safety of your funds is paramount, so let’s explore exactly what 2FA is, and how it’s used within our platform!

What is Two-Factor Authentication (2FA)?

Two-Factor Authentication (2FA) is a security mechanism that requires users to verify their identity through two distinct forms, or factors, before accessing their accounts. Typically, the first factor is something the user knows, like a password. The second factor, however, is something the user has or is. This can be a text message sent to a phone, an authenticator app, or even biometric data such as a fingerprint. 

2FA creates an extra layer of security, making unauthorized access vastly more challenging for malicious actors. 

Forms of 2FA Available on Uphold

Recognizing the immense value 2FA brings, at Uphold, we encourage all of our users to engage one of our two available options: Time-based One-Time Password (TOTP), or SMS. 

By default, SMS 2FA will be enabled as long as your phone number is verified with Uphold.

TOTP

TOTP is a form of 2FA that generates a unique password which is valid for only a short period of time. The dynamic nature of TOTP offers a more secure alternative to static passwords or even SMS-based codes, which can be vulnerable to interception. Popular apps that can generate TOTP codes include Google Authenticator, Authy, and Microsoft Authenticator.

Setup:

1. In your Uphold account, Go to More (...) > Settings > Security > Enable 2-factor authentication
2. Scan the QR code with your authenticator app, or manually enter the provided Security Key
3. Insert the TOTP password to confirm the 2-factor authentication activation

SMS

SMS 2FA involves a unique code sent via SMS to a user’s registered mobile number. SMS 2FA is considered more secure than password-only systems, but is generally seen as not as strong as security mechanisms such as TOTP. SMS 2FA is only available to Uphold users in the US, UK, EEA, and Canada who created accounts after July 25, 2022.

Setup:

1. In your Uphold account, Go to More (...) > Settings > Security > Set up SMS 2-factor authentication
2. Confirm the number and then tap Confirm
3. Insert the SMS authentication code to confirm the 2-factor authentication activation 

2FA Keeps You & Your Funds Safe!

In an industry that brings together the opportunity of decentralized finance with the challenges of cyber-security, 2FA emerges as a beacon of robust defense. For platforms such as Uphold, it signifies an unyielding commitment to protect user assets, engender trust, and foster a secure trading environment. As we continue to venture deeper into the digital age, embracing such fortified measures will be the linchpin of sustainable and safe growth in the blockchain domain.

Remember, Uphold will NEVER:

• Call and direct you to move your funds - to anywhere
• Uphold will never ask you for your reset code without you processing a support ticket for a 2FA related issue
• Ask to remotely connect to your device or insist that you install software to do so

You should NEVER:

• Transfer funds under pressure
• Share your login credentials or 2FA codes with anyone, including someone claiming to be an Uphold employee
• Send funds anywhere before checking that the destination is legitimate

If in any doubt - STOP - and report any concerns to our fraud team here.

For more tips on how to stay safe - visit our Fraud & Security Hub here.

Want more from Uphold? Follow us on X and LinkedIn for more updates.

NOT FINANCIAL ADVICE

Please note that Uphold and its affiliates do not provide investment, tax, or legal advice. This message is for informational purposes only and takes no account of particular personal or market circumstances, and should not be relied upon as investment, tax, or legal advice. For investment, tax, or legal advice and before taking any action you should consult your own advisors. Note that digital assets such as cryptocurrencies present unique risks for investors. Please see our disclaimer regarding risks specific to holding digital assets before investing.