Once cryptocurrency is stolen, it's extremely difficult to recover. Account security is a top priority. Complete these 8 settings and your Binance account security will reach the highest level. None of them are difficult — spend 20 minutes and get them all done at once.
1. Use a Strong Password
This is the most basic step, yet many people fail to do it properly.
Criteria for a good password:
- At least 12 characters
- Includes uppercase and lowercase letters, numbers, and special characters
- Does not contain personal information (birthday, name, phone number)
- Is not the same as passwords used on other websites
Tip: Use a password manager (1Password, Bitwarden, etc.) to generate and store strong passwords. Don't rely on memory, and don't write them on paper lying around.
If you're about to register, set a strong enough password when you sign up for Binance.
2. Enable Google Authenticator
Google Authenticator is the core defense line for account security. Once enabled, login and important operations all require a verification code.
Steps: Security Settings → Google Authenticator → Follow the prompts to scan and bind
Make sure to back up your recovery key! Write it down on paper and store it safely. You'll need it to recover when your phone is lost or replaced.
3. Enable Email and SMS Verification
Enable all three verification methods simultaneously: Google Authenticator + Email + SMS. Important operations (such as withdrawals) require all three verifications, so even if one is compromised, you're still protected.
Steps: Security Settings → Enable phone verification and email verification separately
4. Set Up an Anti-Phishing Code
Set a phrase that only you know. All genuine emails from Binance will contain this phrase. If you receive a "Binance email" without your anti-phishing code, you can immediately identify it as fake.
Steps: Security Settings → Anti-Phishing Code → Set your unique phrase
5. Enable Withdrawal Whitelist
Once enabled, you can only withdraw to addresses you've added in advance. Even if your account is compromised, hackers cannot transfer coins to their own addresses.
Steps: Security Settings → Withdrawal Whitelist → Enable → Add your frequently used withdrawal addresses
After enabling the whitelist, newly added addresses require a 24-hour security cooling period before they can be used. This is one of the most effective asset protection measures.
6. Manage Device Authorization
Binance records the devices you've logged in from. Regularly check the device list and remove any devices you don't recognize.
Steps: Security Settings → Device Management → View all authorized devices → Remove unnecessary ones
If you've ever logged into Binance on a public computer, make sure to remove that device's authorization after you're done.
7. Close Unnecessary API Keys
If you've created API Keys but no longer use them, delete them promptly. Idle API Keys are a security risk.
Steps: API Management → View all API Keys → Delete unused ones
For API Keys currently in use, ensure IP whitelists and minimum necessary permissions are set.
8. Enable Login Alerts
Once enabled, you'll receive email and SMS notifications whenever a new device or new IP logs into your account. If it wasn't you, you can take immediate action.
Steps: Security Settings → Notification Preferences → Enable login activity notifications
Bonus: Hardware Security Key
If you hold a large amount of assets, consider using a hardware security key like YubiKey. It's more secure than Google Authenticator because it requires a physical device to complete verification.
Steps: Security Settings → Security Key → Follow the prompts to bind
Security Checklist
| Setting | Done? | Importance |
|---|---|---|
| Strong Password | □ | Required |
| Google Authenticator | □ | Required |
| Email + SMS Verification | □ | Required |
| Anti-Phishing Code | □ | Highly Recommended |
| Withdrawal Whitelist | □ | Highly Recommended |
| Device Management | □ | Recommended |
| API Key Cleanup | □ | Recommended |
| Login Alerts | □ | Recommended |
Daily Security Habits
In addition to the settings above, keep these in mind during daily use:
- Don't operate Binance on public WiFi
- Don't click on links from unknown sources
- Change your password regularly (every 3-6 months)
- Never share verification codes with anyone (Binance support will never ask for them)
- Install security software on your phone and check regularly
- Don't take screenshots of passwords or keys on your phone
Complete these 8 settings along with good security habits, and your Binance account will be in a very secure state. Spending 20 minutes to protect your assets is absolutely worth it.