Enable Robust 2FA

Use an authenticator app (TOTP) such as Google Authenticator or Authy. Consider hardware security keys (U2F/WebAuthn) if supported.

Use Strong Passwords

Create a long, unique password per account and store it in a reputable password manager.

Secure Your Email

Your exchange recovery depends on your email. Protect it with 2FA and strong credentials.

Be Phishing Aware

Never enter credentials on pages reached via unsolicited emails. Verify URLs and sender addresses carefully.

Limit API & App Access

Only grant API access to trusted apps; set withdrawal restrictions and rotate or remove unused keys.

Monitor Activity

Regularly check account activity and alert settings. Enable notifications for suspicious logins or withdrawals.