Set your exchange in password or biometric before withdraw.

[taufik123]

-snip-
If some one loss mobile phone actually the exchange account keep appear if login trough APP, I used Binance APP and account keep existing for long term and linked 2FA, email at the same mobile phone easily for some one withdrawing your fund if not set up biometric or using PIN code to withdraw fund at exchange account.

If you do lose your phone, there is still double security on the smartphone itself,
passwords or fingerprints will be a barrier door for those who find or steal the smartphone, so it will not be able to be opened by anyone.

Now smartphone security is more sophisticated and it is not easy to hack or bypass the screen security code,
even if it is forced to open, the data will be permanently deleted.

So in addition to exchange account security, smartphone security also needs to be considered,
always use screen lock security so that no one can access the smartphone when it is lost.

[Oluwa-btc]

Yesterday someone store my friends phone entered his binance and kucoin Because it was already logged in and withdraw his crypto coins, and this was possible because he used only authentication code for withdraw and since the authentication app was on his phone it was easy for the person to withdraw, so please Set your exchange in password or biometric before withdraw because if it was set like that the person wouldn't have been able to withdraw his crypto coins.

You meant stole your friends phone! But then something is off here how was the person able to achieve having access to his phone completely using his pass key, if not it been leaked out by an imposter or third party. What's the point since he got access through authentication what then behold a password except biometrics could be the only way out. Moreso most crypto apps like binance and the rest of them got features where biometrics and other security features to safeguard ones funds are required, once it's set up it could save one from cyber theft.

[shinratensei_]

If what is lost is the device, all security applications are also on the lost device, so the person who stole it can still access the exchange and make withdrawals. If you have sensitive access on your smartphone, why not lock your smartphone for added security? You can even turn off the smartphone or track it if it gets lost through the email linked to the device.

Not locking the phone in the big 2026 is just amateur mistake, simple. Not to mention that most of privacy and security applications allow for biometric verification before opening the app.
Even note app have the feature for faceID scan before granting access in iOS because some people like to put important thing in their note app. If I have an unlocked phone handed over to some stranger, I'm 100% sure that stranger won't have access to anything because every app I use requires faceID. Exchange app is no exception.

Make me wonder how some stranger could possibly access withdrawal which requires 3 verification : an sms, 2fa, and a passkey with faceID scan.

[gunhell16]

Make me wonder how some stranger could possibly access withdrawal which requires 3 verification : an sms, 2fa, and a passkey with faceID scan.

This is exactly what's so puzzling about that situation how did they even bypass those 3 verification steps? Especially the face scan, that's really suspicious.
The thief must be really skilled to impersonate the face scan ID of the person they stole from.

And honestly, no one else uses or handles my mobile device. Of course, this is my privacy and personal property,
unless I deeply trust you with something like this.

[Supreme Donvic]

Make me wonder how some stranger could possibly access withdrawal which requires 3 verification : an sms, 2fa, and a passkey with faceID scan.

This is exactly what's so puzzling about that situation how did they even bypass those 3 verification steps? Especially the face scan, that's really suspicious.
The thief must be really skilled to impersonate the face scan ID of the person they stole from.

And honestly, no one else uses or handles my mobile device. Of course, this is my privacy and personal property,
unless I deeply trust you with something like this.

This are the questions that came to mind when I saw this thread however I’m suspecting that the person that did this to his friend may be someone very close to him and knows his information. Something similar happened to someone I know some time ago it was later that they found out that the person that did that to him was his brother that knows his password and his exchange password too because the person uses same password in everything his doing so if you know that password you can even access his bank that’s why using one password to everything you do is not good I know the reason why people do this is so they won’t forget the password.
People should just learn how to secure there wallet or exchange very well so as to avoid this kind of things.

[Tungbulu]

You meant stole your friends phone! But then something is off here how was the person able to achieve having access to his phone completely using his pass key, if not it been leaked out by an imposter or third party. What's the point since he got access through authentication what then behold a password except biometrics could be the only way out. Moreso most crypto apps like binance and the rest of them got features where biometrics and other security features to safeguard ones funds are required, once it's set up it could save one from cyber theft.

There’s one feature about some of these exchanges that I admire, which is the fact that once you log in from a separate device, it automatically logs out from that device, this way the moment you discover your phone is missing and you know you got some funds on your exchange, you can quickly use someone’s phone to log in to your exchange account and successfully have it logged out from the stolen phone first, and even if the thief manages to change the password and successfully logs back in, which will be possible if he has your email, phone number or even 2FA on that phone, but he won’t be able to move out any funds, not until 24hrs, which is more than enough for anyone to intercept the thief, either by blocking your phone using the IMEI number, or reach out to the exchange to help freeze the account temporarily until you’ve fully gained access back to the account.

[Fivestar4everMVP]

There's something that happened yesterday which is making me to create this thread a friend of mine who is a crypto trader, he usually use binance and kucoin for his trading and we all know when it comes to withdrawing your funds in this exchanges you can set it using authentication code, email, password or biometric but you can still set it in a way you can use only the authentication code to withdraw and the authentication app is usually on the phone or system.
Yesterday someone store my friends phone entered his binance and kucoin Because it was already logged in and withdraw his crypto coins, and this was possible because he used only authentication code for withdraw and since the authentication app was on his phone it was easy for the person to withdraw, so please Set your exchange in password or biometric before withdraw because if it was set like that the person wouldn't have been able to withdraw his crypto coins.

A crypto trader is not supposed to have just one phone, as a trader, you should have atleast two phones, you use one of the phones trading on your favorite exchanges while you use the other phone for codes and verifications through both emails and authentication.

Like myself, I own two phones currently and one this phones has all the app of exchanges I use for trading, while on the other phone, I have the email account together with the authenticator app that I receive and retrieve codes for account log ins and withdrawal verification, this method ensures that even if one of this phones is stolen, the thief still can not access my funds except he has the second phone, and if he steals this second phone, he can't login to any of the exchanges I use without knowing my password.

And beside, I wanted to ask, wasn't the phone itself locked? How did the thief managed to unlock the phone without first flashing it and deleting every  app on the phone.?

[ancafe]

Yesterday someone store my friends phone entered his binance and kucoin Because it was already logged in and withdraw his crypto coins, and this was possible because he used only authentication code for withdraw and since the authentication app was on his phone it was easy for the person to withdraw, so please Set your exchange in password or biometric before withdraw because if it was set like that the person wouldn't have been able to withdraw his crypto coins.

also have the Binance app and several other exchanges on my smartphone, but I set the passwords differently. This is to make it difficult for people to access certain apps that I consider important enough to protect. It's generally difficult to crack a password on a smartphone unless the password is weak and even if you're using an iPhone, security is probably much better. I don't know how this could have happened so easily as smartphone users should understand the importance of using strong passwords, especially for those involved in investing using multiple apps on their smartphones. So be careful to prevent something like this from happening again as we sometimes take security measures on our smartphones for granted.

[atookz]

This incident is rare but if it does happen it will be detrimental and cause regret. This event is an eye opener that the safety of financial accounts (exchange, internet banking, etc.) or locations where we keep our assets cannot be based on the safety of a single layer of security. Relying on authentication codes, especially if the authentication application is on the same phone, clearly has risks when the phone is lost or stolen. To reduce the possible losses, it is possible to activate additional passwords like biometrics or any other security measures like whitelisting addresses of withdrawal. It's better to be a little difficult at the start than to lose the assets you've worked so hard to accumulate. Because account security is the user's responsibility.

[Nothingtodo]

If the phone had a strong locking system, it would definitely not have been possible for the thief to gain access to the phone. I think there was no locking on the phone, due to which the thief was able to easily enter the phone and access the exchange that was already logged in on the phone. This is the biggest mistake and weakness for an experienced trader or investor because he is a trader himself so he should have kept his phone under strong security. For this reason he must not log in to the exchange but log out and use the phone all the time. That is, due to all these small mistakes he has to face big losses.