Google 2FA

To prevent unauthorized access to your account, we recommend enabling two-factor authentication, such as Google Authenticator (Google 2FA) or text message verification. Examples of a good security setup include: Google 2FA + email verification + trading password, or, phone + trading password. Here, we’ll walk you through the steps for setting up Google 2FA.

Content
1. Why Google 2FA
2. Linking Google 2FA
3. Common Issues with Google 2FA Codes
4. Troubleshooting 2FA Access Issues

1. Why Google 2FA

Getting your password stolen may be more common than you might think. Any of the following actions could put you at risk of a data breach:
• Using the same password on multiple sites
• Downloading software from the internet
• Clicking on unknown links in emails

If someone steals your password, they could prevent you from accessing your account and also:
• Trade away your assets at will, resulting in loss
• Withdraw your assets, emptying your account

Given the anonymity and decentralized nature of blockchain, these actions could lead to irreversible losses. Setting up Google 2FA for your KuCoin account adds an extra layer of security.
• Most accounts only have their login password as their first line of defense. Even if your password is compromised, attackers would still need physical access to your phone or security keys with Google 2FA.
• The Google Authenticator app generates unique codes for your account every 30 seconds to log in with. Each code may only be used once.

2. Linking Google 2FA

On KuCoin, important actions such as logging in, withdrawing, and changing key account settings require 2FA. Here’s how to set up Google 2FA on your phone.

2.1. Downloading the Google 2FA app:
iOS: Search Google Authenticator in the App Store.
Android: Search Google Authenticator in Google Play, or use this download link.

2.2. Linking Google 2FA:
i. Log into your KuCoin account and select your profile from the top right. Look for Account Security → Google Verification from the dropdown list. Select Link (previously Bind) as shown from the image.
G2FA 5.png

ii. Go to Security, and verify using your email or text message code. Hit the Send Code button for the email or text to be sent to your phone. Enter the verification code once you’ve received it and hit Next.
G2FA 6.png

iii. Return to the Google Verification page. Link Google 2FA to your account by opening the app on your phone. Scan the QR code or enter your Google security key manually. Once linked, the app will generate a 6-digit code that changes every 30 seconds. Enter this code to complete the setup.

Note:
• Always save your security key or QR code for future reference. If you need to change your device or update the authenticator, this key can help to retrieve your Google verification code.
• Make sure to download the correct Authenticator app. The correct icon should look like this:

• Android Devices: To correct server time in Google Authenticator, tap the upper left corner, then select Settings → Time correction for codes.
G2FA 8.png
• Apple Devices: If your initial verification code fails, try restarting and verifying again. Also, on your Apple device, go to Settings → General → Date & Time. Enable “24-Hour Time,” and set updates to “Automatic.”
G2FA 11.png
• Before scanning the QR code, you’ll have to give the app camera permissions.
• Enter the Google 2FA code carefully. If entered incorrectly five times in a row, Google 2FA will be locked for 2 hours.
• Every time you link and unlink the Authenticator, you’ll get a different key. Be sure to save the latest key.

3. Common Issues with Google 2FA Codes

If your code isn’t working, check the following:
i. If you’ve Google 2FA for multiple accounts on your phone, ensure the code you’re using is the one specifically associated with your KuCoin account’s email.
ii. Google 2FA codes are only valid for 30 seconds. Make sure you’ve entered the code within this time frame.
iii. Your app is time-synced. Sync the time on your phone’s Google Authenticator app with Google server time so that your codes are accurate.

Syncing Google Authenticator with Google server time:
For Android, adjust time settings in Google Authenticator from the upper left corner. Select Settings → Time correction for codes.
For iOS, go to Settings → General → Date & Time. Enable “24-Hour Time,” and set updates to “Automatic.”

If none of the above worked so far, try the steps in the next part.

4. Troubleshooting 2FA Access Issues

4.1. Lost access to current 2FA
Solution #1: Relink 2FA using saved Google security key
If you’ve saved the Google key during your initial Authenticator setup, you can use it to relink the Google Authenticator on your device. Once relinked, enter the six-digit code to log in to your KuCoin account.

Steps:
i. Select the Google verification code for your KuCoin account, long press to jump to the verification code screen.
ii. Tap Delete Account in the top right.
iii. Then, follow the steps in 2. Linking Google 2FA of this article to relink your KuCoin account and Google 2FA.
G2FA 9.png
Once done, enter the six-digit code to log in.

Solution #2: Manually unlink Google 2FA
i. Select "2FA unavailable?" on the login page.
ii. Enter your trading password and the email code sent to verify your account. Follow the instructions, completing Identity Verification and submit a request to have 2FA manually unlinked.
G2FA 10.png

Note:
• Withdrawals are disabled for 24 hours after updating 2FA settings to protect your assets.
• When completing Identity Verification, upload the required photos while following the instructions closely, or your appeal may be rejected.
• The "2FA unavailable?" button is only found on the login page. If you’re logged in, you’ll need to log out and return to the login page.
• If you previously selected "Trust this device" to automatically skip Google 2FA at login, navigate to "Account Security" after logging in to your KuCoin account. Remove the trusted device, then log out and log back in to update your security settings.

Trusted device.png

4.2. Current 2FA still in use, but wish to switch Authenticator to a new device
If you’ve backed up the key:
Refer to the earlier section on how to link 2FA. Use the key to link Google Authenticator on your new phone, then safely delete the key from your old phone.

If you’ve not backed up the key:
Log into your KuCoin account, then navigate to Account Security to change your Google 2FA.

i. Go to Security Settings and select Google Verification. Hit the Change button.
ii. Send and enter the Google 2FA code to pass verification.
iii. On the Google Verification page, scan the QR code or enter your Google security key manually. Once linked, the app will generate a 6-digit code that changes every 30 seconds. Enter this code to complete the setup.
G2FA 12.png

Note:
1. If you exit the page before clicking Activate, changes to your old 2FA will not be saved, remaining usable.
2. Withdrawals are disabled for 24 hours after updating 2FA settings to protect your assets.
3. Once verified and active, the system automatically changes and links your new 2FA. The old 2FA will no longer work and should be deleted as soon as possible.