Image

Security

2 factor authentification (2FA)  & Time-based One-time Password (TOTP)

The following section explains the importance of securing your account with 2FA. Scroll to the bottom for a quick setup guide.

Why 2FA is Important

It is strongly recommended that all users set up 2FA as soon as possible to protect their accounts. A username and password is easily hacked which could result in the loss of your funds.

However by enabling 2FA a hacker would need access to your password AND your phone or device in order to log in to the exchange.

We also recommend that you also lock your device using a fingerprint, facial lock, or passcode to add even more security.

2FA Quick Description

Once 2FA is enabled on your account, at login you will first be prompted to provide your password (factor 1) and your 2FA code (factor 2) when signing in to your account. The 2FA codes are associated with something unique such as a specific device (mobile phone) or a phone number.

TOTP Quick Description

Nauticus has elected to use a 'Time-based One-Time Password (TOTP); as it offers increased security over the alternative "SMS" method. With TOTP an algorithm will generate codes for you based on the current time and a "shared secret key" (more on this below).

Setup 2FA

To enable 2FA first head to Google Play or the Apple Store and download either Google Authenticator, or Authy, which offers additional features.

Google Authenticator

Download for Android

Download for Apple

Authy

Download for Android

Download for Apple

Next, login to Nauticus Exchange

 and click the "hamburger menu" at the top right >> settings >> the box marked 'security' >> then 'enable two factor'.

IMPORTANT: 2FA works by syncing up a randomly generated code using the time and date down to the second. This means your device should be set to 'network provided time' or else it won't work. Alternatively, you can go to the main menu of Google Authenticator, tap more: Settings. Tap 'Time Correction for Codes" and then tap 'Sync now'.

To Use:

  • Open up Google Authenticator
  • Press the + symbol
  • Tap 'Scan a barcode'
  • Point camera at the QR Code
  • Hold until device says 'secret saved'

Make sure you save the long string of numbers on the screen and keep it somewhere safe (NOT ON YOUR DEVICE). It will help you to recover your account if you lose your device.

Type in the Nauticus code from the app to complete setup. Note that if you are too slow, the code will change and you'll need to enter the new code before it is replaced.

Troubleshooting

Additional support resources are available from Google Account Help

.