Many of the big cryptocurrency exchanges are very secure. With restricted IP addresses, identity verification, and two-factor authentication (2FA) as standard. What happens if you lose access to your account? How can you regain possession and access your funds if you lose your backup codes or forget your password? I recently reset my accounts on three big exchanges and on-ramps. Here’s what I discovered.
All three of these websites allow you to use the Google Authenticator app as a secure producer of 2FA codes. Without access to this app, you are at the mercy of the exchange in question. You have no choice but to follow their rules and requests.
While these rules and regulations may slow down the reinstatement of your account, it also makes it difficult for hackers, social engineers, or other ne’er-do-wells to access your account.
Binance Account Recovery
To recover your Binance account you must complete the identity verification process. This process is completely automated, which makes it fast and easy to complete. This reset procedure was the fastest of the three exchanges discussed here.
Binance requires a photo of you holding a piece of paper with the following written on it:
- Today’s date
- Exchange name
- 2FA authentication method
Binance also requires a photo of the front and back of your government-issued identity card and a photo of your face.
After uploading this evidence, Binance’s automated system does the rest. Verification failed for me the first time, but after uploading with a better photo, I gained access to my account in less than 30 minutes.
This automated system is very fast to reset your account. You’ll still need to enter your password, and you can re-enable 2FA once you regain access. It’s a risk the system may make a mistake, but it’s likely that this automated system works with a “fail-safe”. Any failures or uncertainties will take the safer course of action and deny entry, or defer to human intervention. Binance keeps you involved in the whole process via email. It’s possible to stop any unauthorized attempts to access your account by following the included link.
Bittrex Account Recovery
The Bittrex account recovery process appears to use humans instead of machines, but this doesn’t mean it’s slow. After requesting an account recovery through an online support messaging system, Bittrex email you the next steps you must take. These are:
- Provide proof of identity
- Provide recent IP addresses used to access account
- Provide estimated account balances
This proof of identity comprises of several photos of your and your government-issued identity. Bittrex state:
Please attach 3 images of you holding your government-issued ID so we can match your face against the picture displayed on the ID. Also, write “Bittrex” and today’s date on a piece of paper and hold it in the picture. The text on your ID must be legible in at least one of the photos.
After submitting the requested photos, Bittrex support told me they could not accept my photos as the plain background was not suitable. It would be nice to know this before taking the photos, but as they responded quite quickly, it wasn’t a big deal to take the photos again.
The recent IP addresses are easy to supply—Bittrex email this to you with every successful entry to your account.
Finally, the estimated account balances. I don’t know the degree of accuracy Bittrex mandate, but this wasn’t a big deal to provide. If you use automated trading and API keys, your access to this data may vary.
After providing my identity information in the correct format, Bittrex removed my account 2FA in less than eight hours.
While this account recovery appears to be a manual process, the Bittrex support team are knowledgeable and were very fast to remove the restrictions. Hopefully, they compare your image with your identity card, and the original verification images required when registering for the first time. They never reset your password, and keep you informed by email every step of the way. This system is secure enough to prevent unauthorized access to your account.
Coinbase Account Recovery
To recover your Coinbase account, you have to contact the Coinbase support team and start the account recovery process. This involves verifying your identity and then removing 2FA from your account. Once restored, you can re-enable 2FA. This process is the slowest of the three listed here, and it took several business days between supplying the information and gaining access again. Coinbase state:
This generally takes 72 hours (3 days). At that point, you can use the code sent to your mobile phone number to log in to your account.
To reset your account, Coinbase requires a photo of you with your government issued identity, like the other exchanges. You can submit this photo through Coinbase’s online portal, but it’s not automated. Once reset, Coinbase enables SMS-based authentication if you still have access to your mobile device.
This recovery process helps to ensure Coinbase is safe.
How Secure Are Your Funds?
While these three exchanges represent only a fraction of all the cryptocurrency exchanges you can trade on, the account recovery process is similar across them all. Binance is the quickest, Bittrex is the most secure, and Coinbase is useable but slow to process, the premise remains the same. Upload your identity documents alongside any other exchange specific requirements, and wait for the reset to complete.
If you’re in a position whereby you need to gain access to your account, you may know the feeling of despair associated with it. Exchanges may not let you in, even after following all their rules. They may suffer a hack, as the worst crypto hacks in history show, or governments may force them to block withdrawals. The only true way to keep your crypto safe is by storing them off exchanges. It’s not that difficult, especially with devices such as the Ledger Nano S. Let us know your thoughts on Twitter @blocksdecoded.