Last Updated: February 10, 2020
At Okcoin, we take security seriously. Please ensure that you frequently revise your own personal account security and your digital life. No amount of security at Okcoin can make up for inadequate personal security.
It is essential for clients to take advantage of the account security tools available at Okcoin, and to NEVER share access to the account with anyone else.
Securing your Okcoin login
1. Choose a username that is hard to guess and not used on any other website. Never share your username with anyone.
2. Create a password that is long (at least 15 characters) and that is not used on any other website.
3. Set up Two Factor Authentication (2FA). Google Authenticator is preferred, but a mobile phone number is also possible. This is the most important security feature.
4. Beware of phishing scams. Never share your account details on a phishing website or share it with a scammer.
5. Only use Okcoin official mobile app. Beware of third-party mobile apps using Okcoin’s name or asking for your Okcoin credentials.
6. Use API keys with caution. Sharing your API private key is the same as sharing your account password!
Securing your Email
If the email account registered to your Okcoin account is compromised, it can be used to request your username, reset your password, and approve withdrawals.
1. Create a password using the same tips as for your Okcoin password, but make the email password different.
2. Remove your phone numbers from your email account.
3. Check your settings and activity.
Securing your Internet
A compromised internet connection can steal your login details and direct you to phishing sites. Here are some ways you can secure your internet connection:
1. Router password. Change the default password on your home internet router. Keeping the default password will allow any stranger from the internet to gain control over your router. To prevent brute force attacks, use a long phrase (rather than a single word) along with numbers and symbols.
2. WiFi password. Make sure your WiFi network is password protected. This is separate from the router password.
3. Guest network. Create a guest network if your router has that option and keep the main network private for your devices only.
4. Avoid public WiFi. Use your mobile data plan instead. If you have to use public WiFi, make sure to have a reputable VPN (avoid free VPNs).
Securing your Devices
A compromised device can log everything you type into it, and mobile devices are the most common way to use Two Factor Authentication (2FA).
1. Device password. Create a secure passphrase and use fingerprint login if possible. Avoid easy to guess pins and login patterns.
2. Don't share your device. Don't get guilted by friends and family to share access and passwords to your devices, especially if you use those devices for your 2FA.
3. Never give remote access. Some customer service teams will request remote access to your computer to help troubleshoot technical issues, but this is very dangerous and it is also the favourite technique of scammers. So always say 'No' to applications such as AnyDesk, RemotePC, TeamViewer, and GoToMyPC. OKCoin Support will never ask you to install remote access software!
4. Avoid public devices. Only login from your personal devices.
5. Avoid work devices for personal accounts. They are able to monitor and record your activity.