Bullish uses multi-factor authentication instead of passwords to provide a secondary layer of security via WebAuthn, a strong and secure method of web authentication. This reduces the chances of outside access to your account and protects your personal information.
Bullish sends a one-time link to your registered email address every time you log into Bullish, then requires a 6-digit PIN and authentication with WebAuthn using either built-in biometrics, (e.g. fingerprint on supported devices), or an external hardware security key, (such as YubiKeys®), in order to log in.
You will be prompted to use multi-factor authentication when performing high-privilege actions, such as:
- Logging in
- Generating/saving API keys
- Adding/removing a device
- Adding/removing a cryptocurrency withdrawal address/account
- Adding/removing a bank account
- Updating name/address
- Updating your PIN
- Adding/terminating Automated Market Maker Instructions
- Depositing/withdrawing cryptocurrency or fiat
Internal (built-in) biometric authentication
Internal authenticators are built into your devices, such as laptops and smartphones, which can help access platforms using your fingerprint or Face ID.
External hardware security key
External hardware security keys, such as YubiKey®, can be connected to your devices through USB, Bluetooth or NFC, (Near-Field Communication). You can use any type of USB hardware security key as long as they are FIDO2 compliant.
Learn more about which browsers and devices support WebAuthn for Bullish.
See how WebAuthn works with Bullish in this educational video: