Using two-factor authentication

Bullish uses two-factor authentication (2FA) as an added layer of security which reduces the chances of outside access to your account and protects your personal information.

Bullish requires a password and either WebAuthn or TOTP for two-factor authentication.

You will be prompted to use two-factor authentication when performing privileged actions, such as:

  • Logging into the Bullish Web UI

  • Generating API keys

  • Registering/removing a second factor

  • Adding a cryptocurrency wallet for withdrawal

  • Adding a bank account

  • Depositing/withdrawing cryptocurrency or fiat

  • Changing your password

  • Changing your security question

TOTP authentication

Time-based one-time password (TOTP) applications such as Google Authenticator or Authy, generate 6-digit codes that are unique to our account. Other TOTP-compliant authentication apps should also work, but have not been fully tested by the Bullish team. Possible options include:

  • 2FAS
  • Aegis
  • Duo
  • LastPass Authenticator
  • Microsoft Authenticator

Passkey with (built-in) biometric authentication

Passkey with biometric authenticators are devices, such as laptops and smartphones, which can help access platforms using your fingerprint or face ID.

Important: When you enable biometrics on a passkey, any biometric identifiers stored on that device can be used to log into Bullish. We highly recommend using biometric authentication only if your biometric identifier is the only one stored on the passkey.

External hardware passkey

External hardware passkeys, such as YubiKey®, can be connected to your devices you use to access Bullish through USB, Bluetooth or NFC, (Near-Field Communication). You can use any type of USB passkey as long as they are FIDO2 compliant.

Learn more about which browsers and devices support WebAuthn for Bullish.

Was this article helpful?
0 out of 0 found this helpful