New User Guide (2025): Two-Factor Authentication (2FA)
Ensuring the safety of your digital assets has always been a top priority in the fast-evolving crypto landscape. At Bitget, we are committed to empowering users with robust tools and clear guidelines to secure their accounts effectively. This guide is tailored for new users with step-by-step instructions on implementing essential security measures, such as enabling two-factor authentication (2FA) and other advanced security settings. By adopting these practices, you can confidently navigate cryptocurrency trading while keeping your assets well-protected.
Account Security
Account security is the foundation of a safe and successful trading experience on Bitget. Protecting your account from potential threats is easy with the right tools and best practices. This section will guide you through essential steps to safeguard your account and ensure peace of mind while trading. Without any additional security settings, your Bitget account will be recognised as an account of low-security level (as shown below). You will also be reminded to configure the main security settings.
Two-Factor Authentication
You can view the list of all two-factor authentication methods. Two-factor authentication/2FA is an extra layer of security that requires you to verify your identity using a second method, like a code from an app or SMS, in addition to your password. If you created your new Bitget account with your email, email verification will be automatically turned on (see the blue dot). Similarly, if you did phone number registration, phone number verification will be automatically enabled. For this guide, we'll demonstrate the security configuration for an account signed up with email.
Google Authenticator
Google Authenticator is a mobile app that generates time-sensitive, one-time codes used for 2FA. It's one of the most common security practices because it adds a robust layer of protection to your account, ensuring only you can access it even if your password is compromised.
For the Bitget website
Step 1: Go to the security settings page on Bitget. Make sure that you have already signed in to your Bitget account.
Step 2: Click on [Configure] below the Google Authenticator method.
Step 3: If you don't have the Google Authenticator app on your phone yet, simply download it using the QR code provided by Bitget, then sign in to your Google account.
Step 4: If you have never used Google Authenticator before, you will see the [Add the code] button on the home screen of the app right after login. Tap on that button.
Otherwise, tap on the plus icon on the bottom right corner of the app and click on [Enter a setup key] or [Scan a QR code] to proceed.
Step 5: Since you're using the Bitget website, it'll be faster to scan the QR code to bind your Bitget account to the Google Authenticator app on your phone. If you want to, you can also copy the key provided on the site and paste it into your Google Authenticator app.
After successful binding, you will see the Bitget option on the Google Authenticator app, together with the binding date and the email you used to register for your Bitget account. The blue dot marked here is the timer indicator, which represents the remaining time before the current one-time password (OTP) expires and a new one is generated.
Step 6: Enter the 6-digit code from the Google Authenticator app onto the Bitget website to proceed. You will then be asked to enter the 6-digit code sent to your email to complete the configuration. Click on [Send], enter the code, and click [Confirm]. Note that this code will be valid for 10 minutes only.
Step 7: You're done! Now you can see that Google Authenticator has been enabled!
For the Bitget App
Step 1: Click on the grid icon on the top left of the Bitget app. Then, tap on the profile area as marked below.
Step 2: Tap on [Security] then [Google Authenticator].
If you don't have the Google Authenticator app in your phone yet, simply download it using the QR code provided by Bitget, then sign in to your Google account. Tap [Next] on the Bitget app to proceed.
Step 3: Now go to the Google Authenticator app, tap the [Add the code] button on the home screen of the app right after login or tap on the plus icon on the bottom right corner of the app and click on [Enter a setup key] or [Scan a QR code] to proceed. Since you're using your phone and switching between apps, it might be faster to simply copy the key and paste it to the Google Authenticator app. However, you can also scan the QR code provided by Bitget to bind your Bitget account to your Google Authenticator app.
Once the binding is done, copy the 6-digit code from Google Authenticator, paste it back to the Bitget app, and click [Next].
Step 4: A 6-digit code will be sent to your email address following the binding process. Copy and paste it to the Bitget app, then click [Confirm].
You'll be automatically redirected to your profile screen. Now you'll see that Google Authenticator has been enabled!
Passkey
A passkey is a modern, passwordless authentication method that uses cryptographic keys to securely log you into your account without needing traditional passwords. It's important because it enhances security by eliminating vulnerabilities like weak passwords and phishing.
For the Bitget Website
Step 1: Go to the security settings page on Bitget. Make sure that you have already signed in to your Bitget account. Then, click on [Configure] below the Passkey method.
Step 2: Click on [Add].
Read the Disclaimer and check the agreement tickbox before clicking on [Submit].
Step 3: Choose the method you want to use for Passkey. For this example, the user chooses the [iPhone, iPad or Android device].
Step 4: Use your phone or another mobile device to scan the QR code generated by Bitget to save a passkey.
Step 5: When you scan the QR with your camera (note that the camera must be in Photo mode, for the camera won't recognise the QR code in Portrait, Video, or other modes), you will see a sign that says [Save a passkey]. Click on it and agree to turn on FaceID for the passkey. Instead of remembering a password, your Face ID works as the key. On Android phones, the passkey method typically uses biometric authentication such as fingerprint recognition or facial recognition, alternatively, a secure device PIN.
It's now done. The passkey shown here allows you to securely log in to your Bitget account without relying on a traditional password. With this passkey bound to your device (e.g., iPhone), you can authenticate quickly using your device's biometric security, in this case FaceID.
For the Bitget App
Step 1: Click on the grid icon on the top left of the Bitget app.
Then, tap on the profile area as marked below.
Step 2: Tap on [Security] then [Passkey].
Then, tap on [Add passkey].
Read the Disclaimer and check the agreement tickbox before tapping [Confirm].
Step 3: You'll be asked to enter the 6-digit code sent to your email and the code from your Google Authenticator app to proceed.
The user uses an iPhone and is therefore asked to turn on FaceID for the passkey. Instead of remembering a password, your Face ID works as the key.
On Android phones, the passkey method typically uses biometric authentication such as fingerprint recognition or facial recognition, alternatively, a secure device PIN.
Step 4: It's now done. The passkey shown here allows you to securely log in to your Bitget account without relying on a traditional password. With this passkey bound to your device (e.g., iPhone), you can authenticate quickly using your device's biometric security, in this case FaceID.
Phone number
Phone number verification is a security measure that links your account to your mobile number to enable identity confirmation through SMS codes and ensure added protection for account recovery and transaction approvals.
For the Bitget Website
Step 1: Go to the security settings page on Bitget. Make sure that you have already signed in to your Bitget account.
After you have completed the Google Authenticator and the Passkey configuration, your account security level is now Moderate.
Step 2: Click on [Configure] below the Phone number verification method.
Step 3: Enter your country code, your mobile phone number, and click on [Send] as marked below to trigger an SMS code. Copy the SMS code sent to your phone and click [Submit].
Step 4: You'll be asked to enter the 6-digit code sent to your email and the code from your Google Authenticator app.
For the Bitget App
Step 1: Click on the grid icon on the top left of the Bitget app.
Tap on the profile area as marked below.
Step 2: After you have completed the Google Authenticator and the Passkey configuration, your account security level is now Moderate. Tap on [Security] then [Mobile number].
Enter your country code, your mobile phone number, and click on [Send] as marked below to trigger an SMS code. Copy the SMS code sent to your phone and click [Submit].
You'll be asked to enter the 6-digit code sent to your email and the code from your Google Authenticator app and it's done.
Other 2FA Methods
After you've enabled email verification, Google Authenticator, Passkey, and phone number verification, you will see that your account now has the security level of High. If you use biometric security for Passkey, you will see that particular method is also enabled.
As shown on the Bitget website:
As shown on the Bitget app:
