Gemini, the New York regulated bitcoin exchange company, announced that it has introduced support for hardware security keys via WebAuthn (Web Authentication). Users of the exchange can now apply USB security keys (e.g., Yubikeys, Feitian keys, Trezor, and Ledger hardware wallets, MacOS TouchID, etc.) as their two-factor authentication (2FA) method when signing in.
Using hardware security keys via WebAuthn to secure a Gemini account provides hardware-backed, cryptographic proof that it is the real user signing into their account. This helps stop someone else from signing into their Gemini account even if they have the password. Using hardware security keys via WebAuthn also ensures users only submit two-factor credentials to the actual Gemini website and not a malicious website pretending to be the Gemini website.
To further boost security, two weeks ago, Gemini released a self-service tool called Withdrawal Address Whitelisting. When enabled, a user’s assets may only be withdrawn from their Gemini account to specific crypto addresses.
“We’ve added many layers of security throughout the years to help you keep your digital assets safe. Since our launch in 2015, we have always required 2FA for all account sign-ins; this has never been an opt-in security feature. Authy Push, Whitelisting, and today’s announcement of WebAuthn, give you the advanced tools you need to secure your Gemini account. We will continue to strive to be the most secure place for you to buy, sell, and store your crypto today and tomorrow. “
Note that the Gemini Mobile app does not currently support WebAuthn for 2FA because native support for WebAuthn on mobile is limited and not all iOS and Android devices can physically accept a security key.