CFDs are complex instruments and come with a high risk of losing money rapidly due to leverage. -- % of retail investor accounts lose money when trading CFDs with this provider. You should consider whether you understand how CFDs work and whether you can afford to take the high risk of losing your money.

Two-factor authentication (2FA)

Performing advanced financial operations like wallet transfers, investments, etc with only a protection logging in from a single password is a bit on the light side.

An option to enable a two-factor authentication (2FA) of some kind, either with the help of the Google Authentication app or via SMS or even a digicode card like at InteractiveBrokers would be welcomed to enhance internet security at Darwinex

11 Likes

2FA is said to eliminate 99% of possible attacks

1 Like

This is planned. We’ll keep you posted about any news about 2FA at Darwinex.

4 Likes

Besides 2FA (which I recommend above Google Auth), MIDO U2F is getting some traction as More secured keys

2 Likes

After some crypto exchanges accounts, today my Twitter account got hacked.


2FA had only been added recently to Twitter and I had forgotten to apply it. Although I had paid attention to remove my phone number there hopefully, alongside other social networks, which (phone number) is a major source of fraud complication

Anyway, it still comments the degree of danger that can happen from using a single password the light way. Besides private discussions, there is nothing critical to protect at Twitter, yet they are taking threats nonetheless seriously. It shows a rising need

However, at least Twitter warns its members when a successful login attempt occured from a different computer / unusual IP address.
Darwinex does not warn us about such events.
I know it for a fact because I connect from different remote machines located in different countries and I never receive any activity monitoring email as prevention.

In other words, if someone has forced access to a Darwinex account and is spying at trades hidden to the public on purpose (trading journal, privacy settings), then we have no means to know and react. Also, our customer data can leak and the pirate learn who exactly is behind a Darwin, etc. To me, the potentiality of both such leaks is troublesome. Sorry to insist.

If 2FA is not scheduled shortly, then please consider to integrate warning emails monitoring the connection activity. That is the minimum to provide but could be satisfying enough to give us responsability in handling security ourselves (change password when needed) when we know something is wrong. Right now, we are kept in the dark a bit too much

1 Like

Hi @NapoleonDynamite!!

Regarding this topic, we have recently added a new functionality to the website.

Now you can check all your past logins and other security events in your profile page. :wink:

I hope you like this step towards enhanced security.

4 Likes

Log history : excellent ! :clap: I had missed that news / feature, if you communicated about it.

1 Like

Just a small comment, since the tracking function exists now.

Maybe it would be nice to have an option to “receive login emails” (a box to tick to select/unselect)
That’s now a common practice more and more in the industry.

It is a bit heavy to receive login emails for your own connections, but very convenient to receive such email when you know you have been inactive so it can’t be you, in order to react quickly. This serves very much like an alarm system as long as you use a real-time notification mailing program.

2 Likes

Sure! Thanks for the feedback.

It is probably already on the list, but we want at least to release this new feature asap.

4 Likes

Hello guys,

I think Darwinex is little bit insecure, just have HTTPS and anymore, no have two-way authentificator or code generator or similar. That make me feel insecure and no add more money to my account. Someone in the same situation?

Thanks!

I have favourite link direct to Log History but I think is easy develop email/SMS alert or Google authentificator

The google stuff didn‘t work on a certain former vps and had to be deinstalled, so Darwinex should only offer it as an option to trigger in the user profile.

Just to make you feel better with the current solution:

HEY! thanks for the response :slight_smile:

1 Like

I’m quite new here, but haven’t seen 2 factor-authentication anywhere.

Is there a way to increase the security of my account beyond a username/password. I’ve also noticed that the Android App offers very little security.

Are these on the road map?

I’m sure you can all understand why it is an essential part of the platform that is missing.

1 Like

Hi @chewy2019! Thank you for the suggestion and welcome to the forum!

We’ve long been planning to introduce 2FA and it seems that from June onwards we’ll have bandwith to actually do it. We’ll keep you posted.

1 Like