Bullish uses two-factor authentication (2FA) as an added layer of security which reduces the chances of outside access to your account and protects your personal information.
Bullish requires a password using either WebAuthn or TOTP for two-factor authentication.
You will be prompted to use two-factor authentication when performing privileged actions, such as:
Logging into the Bullish Web UI
Generating API keys
Registering/removing a second factor
Adding a cryptocurrency wallet for withdrawal
Adding a bank account
Depositing/withdrawing cryptocurrency or fiat
Changing your password
Changing your security question
Time-based one-time password (TOTP) applications such as Google Authenticator or Authy, generate 6-digit codes that are unique to our account. Other TOTP-compliant authentication apps should also work, but have not been fully tested by the Bullish team. Possible options include:
- LastPass Authenticator
- Microsoft Authenticator
Passkey with (built-in) biometric authentication
Passkey with biometric authenticators are devices, such as laptops and smartphones, which can help access platforms using your fingerprint or face ID.
External hardware passkey
External hardware passkeys, such as YubiKey®, can be connected to your devices you use to access Bullish through USB, Bluetooth or NFC, (Near-Field Communication). You can use any type of USB passkey as long as they are FIDO2 compliant.
Learn more about which browsers and devices support WebAuthn for Bullish.