Two-Factor Authentication (2FA)
A security method requiring two different forms of verification to access an account, like a password plus a code from your phone.
2FA adds a second layer beyond your password. Even if someone steals your password, they can't log in without the second factor. The most common types are authenticator apps (Google Authenticator, Authy) that generate time-based codes, and hardware security keys (YubiKey).
SMS-based 2FA (codes sent via text message) is better than nothing but vulnerable to SIM swapping attacks, where an attacker convinces your phone carrier to transfer your number. Always prefer authenticator apps or hardware keys over SMS.
Every crypto exchange account should have 2FA enabled. It's the single most impactful thing you can do to protect your USDC on exchanges. Most exchanges also offer withdrawal address whitelisting, which adds another layer of protection.
Related Terms
Phishing
A scam where attackers impersonate legitimate services to trick you into revealing passwords, seed phrases, or approving malicious transactions.
Custodial Wallet
A wallet where a third party (like an exchange) holds your private keys on your behalf.
Wallet
Software or hardware that stores your private keys and lets you send, receive, and manage cryptocurrency.
Learn More
This definition is provided for educational purposes. USDC.org is an independent resource and is not affiliated with Circle Internet Financial.