Bullish uses multi-factor authentication instead of passwords to provide a secondary layer of security via WebAuthn, a strong and secure method of web authentication. This reduces the chances of outside access to your account and protects your personal information.
Bullish sends a one-time link to your registered email address every time you log in to Bullish, then requires a 6-digit PIN and authentication with WebAuthn using either built-in biometrics, (e.g. fingerprint on supported devices), or an external hardware security key, (such as Yubikeys®), in order to log in.
You will be prompted to use multi-factor authentication when performing high-privilege actions, such as:
- Logging in
- Generating/saving API keys
- Adding/removing a device
- Adding/removing a cryptocurrency withdrawal address/account
- Adding/removing a bank account
- Updating name/address
- Updating your PIN
- Adding/withdrawing liquidity in the Bullish Liquidity Pool (BLP)
- Canceling a withdrawal request in BLP
- Depositing/withdrawing cryptocurrency or fiat
Internal (built-in) biometric authentication
Internal authenticators are built into your devices, such as laptops and smartphones, which can help access platforms using your fingerprint or face ID.
Important: When you enable biometrics on a device, any biometric identifiers stored on that device can be used to log in to Bullish. We highly recommend using biometric authentication only if your biometric identifier is the only one stored on the device.
External hardware security key
External hardware security keys, such as Yubikey®, can be connected to your devices through USB, Bluetooth or NFC, (Near-Field Communication). You can use any type of USB hardware security key as long as they are FIDO2 compliant.
Learn more about which browsers and devices support WebAuthn for Bullish.
See how WebAuthn works with Bullish in this educational video: