Gemini, the New York regulated bitcoin exchange company, announced that it has introduced support for hardware security keys via WebAuthn (Web Authentication). Users of the exchange can now apply USB security keys (e.g., Yubikeys, Feitian keys, Trezor, and LEDGER hardware wallets, MacOS TouchID, etc.) as their two-factor authentication (2FA) method when signing in.
Using hardware security keys via WebAuthn to secure a Gemini account provides hardware-backed, cryptographic proof that it is the real user signing into their account. This helps stop someone else from signing into their Gemini account even if they have the password. Using hardware security keys via WebAuthn also ensures users only submit two-factor credentials to the actual Gemini website and not a malicious website pretending to be the Gemini website.
To further boost security, two weeks ago, Gemini released a self-service tool called Withdrawal Address Whitelisting. When enabled, a user’s assets may only be withdrawn from their Gemini account to specific crypto addresses.
“We’ve added many layers of security throughout the years to help you keep your digital assets safe. Since our launch in 2015, we have