Blog home
INDUSTRY
OCT 15, 2020
Keep Yourself and Your Cryptos Secure With One Simple Step
One of the themes this Cybersecurity Awareness Month is “if you connect it, protect it” — we couldn’t agree more. Gemini’s security team wanted to take this opportunity to share one of the most impactful steps we think you can take to protect yourself and your crypto: use a hardware security key.
More Than a Token Gesture
To start, we suggest you use hardware security keys like YubiKey or Google’s Titan Key for all your important online accounts, including Gemini.
A hardware security key keeps your account safe even if your password is compromised. They provide the strongest level of protection when authenticating to your Gemini account by delivering hardware-backed, cryptographic proof of your identity, ensuring that only you, the holder of the physical hardware key, can gain access to your account, even if an attacker has compromised your password or successfully executed a SIM-swap attack on your mobile device.
Gemini employs WebAuthn, which is considered the gold standard of hardware security key authentication for web applications, to ensure user accounts are kept secure. Logging in is faster and simpler with a two-step process:
- Enter your username and password
- Tap the hardware security key with your finger or hold it to the back of your smartphone
How Do I Set Up a Hardware Security Key on Gemini?
You can register your hardware security keys to your Gemini account and review some frequently asked questions here. Or, watch How to Add a Hardware Security Key to Your Gemini Account.
The Gemini mobile app (Android app, Apple app) is the first crypto exchange mobile app that can be used with dedicated hardware security keys. Just hold your YubiKey 5 NFC, YubiKey 5C NFC or Google Titan Key to the back of your phone and enter your password to login via mobile in the safest and most secure manner possible.
Two Hardware Security Keys Are Better Than One
If all this is music to your ears then you may want to jump in with both feet and enable your account to only use security keys to log in. To do this, register two hardware security keys so you can use one as a backup in case your primary security key is lost, stolen, or damaged. Once you’ve added a second security key you can disable other non-hardware-based security features on your account.
To set up a second hardware security key head to your Gemini account settings and click the security tab. If you already have a security key registered to your account you’ll have the option to add a second key.
For Cybersecurity Awareness Month we partnered with Yubico to help users take their account security to the next level. Use the promo code YK20E-GEMINI20 for $20 off any two YubiKey Series 5 keys at checkout on the Yubico website. The promotion ends November 30, 2020, 11:59pm Pacific.
Get a Hardware Security Key and Use It Everywhere
We’ve just got one piece of advice this Cybersecurity Awareness Month and it’s simple: get a hardware security key and use it everywhere you can. This page has a list of the types of authentication that popular web applications support, so take a look to find out where you can use your hardware security keys and stay safe out there.
Onward and upward!
Team Gemini