Independent educational platform · Not affiliated with Binance
ZH | EN | ES | FR | JA | KO
Sign Up Free
Security

Binance Account Security Checklist: Have You Configured All 8 Items?

Published on 2026/3/24 | 10 min read

An 8-item must-do security checklist for your Binance account, covering 2FA, anti-phishing code, withdrawal whitelist, device management, and more.

Stories of stolen cryptocurrency happen every day. Unlike banks, once crypto is stolen it's nearly impossible to recover. Spending 10 minutes on security settings can prevent losing all your assets. Here are the 8 security items you must check. If you don't have an account yet, register on Binance and complete these settings immediately after.

Item 1: Strong Password

Check: Is your password strong enough?

Requirements:

  • At least 12 characters
  • Include uppercase, lowercase, numbers, and special symbols
  • Don't use birthdays, phone numbers, or other guessable info
  • Don't reuse passwords from other websites
  • Use a password manager (1Password, Bitwarden) to generate and store

Bad passwords: Password123, abc123456, your birthday

Path: Security Settings, then Change Password

Item 2: Google Authenticator (2FA)

Check: Is Google Authenticator status "Enabled" in Security Settings?

This is the most important security measure. Even if your password leaks, no one can log in without the Google Authenticator code.

Setup tips:

  • After binding, make sure to back up the 16-character key
  • Write the key on paper — don't screenshot it
  • You can bind on two devices simultaneously as backup

Path: Security Settings, then Google Authenticator, then Enable

Item 3: Anti-Phishing Code

Check: Have you set an anti-phishing code in Security Settings?

Once set, every email Binance sends you will display your anti-phishing code. Emails without this code are phishing.

Path: Security Settings, then Anti-Phishing Code, then Set

Item 4: Withdrawal Address Whitelist

Check: Is the withdrawal whitelist enabled?

When enabled, you can only withdraw to addresses you've pre-added to the whitelist. Even if your account is compromised, hackers can't withdraw to their own addresses.

Setup:

  1. Security Settings, then Withdrawal Whitelist, then Enable
  2. Add your commonly used withdrawal addresses
  3. Each new address requires a 24-hour waiting period before it becomes active

Note: Enabling the whitelist causes some inconvenience (every new address requires a 24-hour wait), but security improves dramatically.

Item 5: Login Device Management

Check: Security Settings, then Device Management — any unrecognized devices?

Regularly check which devices have logged into your account. If you find an unknown device:

  1. Remove it immediately
  2. Change your password
  3. Check for suspicious activity

Item 6: Email and Phone Number Both Bound

Check: Are both email and phone number bound in Security Settings?

Risk of binding only one:

  • Email only: If email is compromised, you're vulnerable
  • Phone only: If phone is lost or SIM is hijacked, you're vulnerable

Having both provides mutual security backup.

Item 7: API Key Check

Check: In the API Management page, are there any API keys you don't recognize?

If you've never created an API but find one exists, your account may have been compromised. Immediately:

  1. Delete all unrecognized APIs
  2. Change your password
  3. Contact support

If you do use APIs:

  • Ensure minimum necessary permissions (never grant withdrawal permission)
  • Set IP whitelists
  • Rotate API keys periodically

Path: Avatar, then API Management

Item 8: Disable Password-Free Trading

Check: Is "password-free payment" or "small-amount verification-free" enabled?

Some convenience features reduce security. Recommended:

  • Disable password-free payment
  • Require security verification for every trade and withdrawal
  • A few extra seconds per operation is worth the security

Security Settings Overview

Item Status Importance
Strong password [ ] Set Basic
Google Authenticator [ ] Enabled Highest
Anti-phishing code [ ] Set High
Withdrawal whitelist [ ] Enabled High
Device management [ ] Checked Medium
Email + phone both bound [ ] Done High
API check [ ] Checked Medium
Password-free payment disabled [ ] Disabled Medium

Additional Security Habits

Beyond Binance's own settings, practice these daily habits:

  1. Don't use Binance on public WiFi
  2. Don't click links from unknown sources
  3. Never share verification codes with anyone (including people claiming to be support)
  4. Regularly check login records
  5. Bookmark the official Binance website — don't access it via search engines
  6. Keep your phone and computer systems updated
  7. Don't use Binance on jailbroken/rooted devices

If You Only Do 3 Things

If 8 items feel like too many to remember, at least do these 3:

  1. Bind Google Authenticator
  2. Set an anti-phishing code
  3. Enable withdrawal whitelist

These 3 items block the vast majority of attacks. Open the Binance app now and spend 10 minutes completing these settings. Your asset security is more important than anything.

🎁
Start Your Binance Journey

Sign up with our exclusive link for lifetime trading fee discounts

Sign Up Free Download App

Related Articles

Security

What Is Binance Anti-Phishing Code and How to Set It Up
Security

How to Set Up Google Authenticator on Binance – Essential Security