If major exchanges with million-dollar security teams can be targeted, individual traders need to be even more vigilant. But the truth is, most account compromises happen not because of sophisticated hacking, but because of simple security oversights.
A strong, unique password combined with YEX’s built-in security features creates a powerful shield around your assets. As you begin your crypto journey on YEX, making security a habit, not an afterthought, is one of the smartest investments you’ll make.
What is YEX?
YEX is a fast-growing crypto exchange built on one principle: Make Trading Easy. We combine intuitive design with institutional-grade security to deliver a platform users can trust.
Our comprehensive product suite, derivatives, spot, margin trading, staking, AI bots, copy trading, and institutional tools, empowers the next billion crypto users to unlock their potential in digital finance.
Security is foundational. We protect user assets through MPC custody and cold wallet infrastructure, ensuring funds remain secure while maintaining seamless accessibility.
How to Protect Your YEX Account
Take advantage of YEX’s built-in security features to secure your account:
-
Use a Strong and Unique Password:
Your password is your first line of defence.
Create a strong password with:
-
Minimum 12 characters
-
Mix of upper/lower case, numbers, and symbols
Use a reputable password manager (like 1Password) to generate and store complex passwords. This makes brute-force attacks virtually impossible.
Never reuse your YEX password elsewhere—especially not for your email account.
-
Enabling Two-Factor Authentication (2FA)
Enable two-factor authentication (2FA) to add an extra security layer. Each login requires a one-time code from your authenticator app, confirming you’re the account owner.
Set up Google Authenticator on YEX to activate this essential protection.
To set this up:
Step 1: Navigate to [Account Safety] by clicking the [Profile icon] in the top right corner.
Step 2: On the Safety screen, find Google Authenticator and click [Bind].
Step 3: Follow the on-screen instructions:
-
Download Google Authenticator: Available for iOS and Android
-
Scan the QR code: Open Google Authenticator and scan the displayed QR code, or enter the key manually
-
Save your backup key: This key lets you recover access if you lose or replace your phone. Save it securely before completing setup
Once enabled, YEX will prompt you for a 2FA code at every login, significantly strengthening your account security.
After verification, your security level will increase from Low to Medium. The ultimate goal is to reach Strong.
-
Enable passkey
YEX offers passwordless login for faster, more convenient access. Use facial or fingerprint recognition from your trusted devices, or security keys like Passkey or YubiKey to log in without entering passwords or verification codes.
To set this up:
Step 1: Go to the [Account Safety] page and click [Manage] under the Passkey option.
Step 2: Click [Passkey] and request a verification code.
Step 3: Enter the verification code. You’ll be prompted to choose where to store your passkey, either your Google account or iCloud Keychain. Select your preferred option.
Step 4: Confirm your selection to complete setup.
-
Add a Phone Number
YEX allows you to add a phone number to receive verification SMS for withdrawals, password changes, and security settings updates.
To set this up:
Step 1: Go to Phone Number and click [Bind].
Step 2: Enter your country, mobile number, and complete the CAPTCHA verification. Then enter the SMS code and click [Bind].
Note: SMS delivery may be delayed due to network issues in some regions. If you experience delays, Google Authenticator is a reliable alternative for verification.
-
Set Transaction Password
Set up a transaction password to protect your funds. This adds an extra security layer, even if someone gains access to your account, they cannot withdraw or transfer funds without your transaction password.
To set this up:
Step 1: Click on [Settings] and follow the following instructions
Best Practices to Keep Your Account Safe
Security extends beyond the YEX platform. Here are essential practices to protect your account:
-
Regular updates
Regularly update your operating system, browser, and mobile apps. These updates include important security patches that protect against new threats. Also, you can use Face ID or fingerprint recognition on the YEX mobile app for quick, secure access.
-
Avoid public wi-fi for trading
Never access your YEX account on public Wi-Fi networks. These unsecured connections expose your data to interception, network owners and hackers can potentially capture your login credentials and account information.
If you must use public Wi-Fi, always connect through a trusted VPN to encrypt your traffic and protect your data.
-
Secure your email
Your email is the master key to account recovery. Protect it with a unique, strong password and enable 2FA. Never use the same password for both your email and YEX account.
-
Cold storage/hardware wallets
Remember: “Not Your Keys, Not Your Coins.” While YEX securely stores your trading funds, keeping large amounts on any exchange long-term carries risk.
For maximum security, transfer long-term holdings to a hardware wallet. Cold storage devices give you complete control of your private keys, protecting your assets even if an exchange is compromised.
Keep active trading funds on YEX for convenience, but store the majority of your crypto in cold storage.
-
Enable withdrawal whitelisting
Set up withdrawal address whitelisting to only allow withdrawals to pre-approved wallet addresses. Even if a hacker gains access to your account, they cannot drain funds to unauthorized wallets.
-
Monitor your account activity
Regularly review your login history and approved devices in your YEX security settings. Check for any unfamiliar activity or unauthorized access. Remove any devices or API keys you no longer use.
How to Spot and Avoid Scams
-
Phishing attacks (Fake websites and emails)
Scammers create fake YEX websites and emails to steal your credentials. Watch for these red flags: poor grammar, urgent threats, and requests for passwords or private keys.
Protect yourself:
-
Bookmark the official YEX URL and use it every time
-
Never click links in emails or messages, always type the URL directly
-
Check the URL carefully for misspellings like “yex.cm” instead of “yex.com”
-
Impersonation scams
YEX staff will NEVER ask for your password, 2FA codes, or request you install remote desktop software. Anyone making these requests is a scammer, even if they claim to be YEX support.
Avoid schemes promising guaranteed returns, like “send 1 BTC, get 2 BTC back” or unrealistic high-yield investment opportunities. If it sounds too good to be true, it is.
-
SIM swapping attacks
Scammers can trick your mobile carrier into transferring your phone number to their device, allowing them to intercept SMS codes. You can protect yourself by:
-
Using Google Authenticator instead of SMS for 2FA
-
Setting up a PIN or passcode with your mobile carrier to prevent unauthorized number transfers
Keep Your YEX Account Safe
Crypto offers exciting opportunities, but security can’t be an afterthought. By enabling 2FA, using strong passwords, staying alert to scams, and protecting your devices, you significantly reduce your risk of account compromise.
Remember: if you ever suspect unauthorized access or notice anything unusual, contact YEX customer support immediately. Your vigilance today protects your assets tomorrow.
FAQs
- How do I set up Two-Factor Authentication (2FA) on YEX?
To enable 2FA, go to your Account Safety page and select Google Authenticator. You will need to download the Google Authenticator app, scan the QR code provided by YEX, and enter the verification code. Important: Always save the backup key shown during setup so you can recover your account if you lose your phone.
- What is a Transaction Password and why do I need one?
A Transaction Password is an extra security code separate from your login password. It is required to approve withdrawals or transfers. This ensures that even if someone hacks your login credentials, they cannot move your funds without this second password.
- What is a Passkey and how does it help me?
A Passkey allows you to log in to YEX without typing a password. It uses biometric verification (like Face ID or fingerprint) or a hardware key (like YubiKey) from your trusted device, making login faster and more secure against phishing.
- Why is Google Authenticator better than SMS verification?
While SMS is convenient, it is vulnerable to SIM-swapping attacks, where hackers trick carriers into transferring your phone number to them. Google Authenticator generates codes locally on your device, making it significantly safer than SMS.
- Will YEX support ever ask for my password?
No. YEX staff will never ask for your password, 2FA codes, or request remote access to your computer. If anyone asks for these, it is a scam attempt.
- What happens if I lose the phone with my Google Authenticator?
If you saved the backup key provided during the initial setup, you can use it to restore your 2FA codes on a new device. If you did not save this key, you must contact YEX customer support for identity verification to reset your security settings.
