A 2FA or two-factor authentication is a second layer of security that protects your account from unauthorized access. Whenever you login to your account, in addition to entering your password, you will be asked for a security code that is sent to you via an email or a text message. Even if someone knows your password, they cannot access your account without the verification codes. You can also use the Google Authenticator app to set up 2FA. Google Authenticator employs a Time-based One Time Password for securing user accounts.
When you initially register with Beldex, you will be asked to set up two-factor authentication. You can choose to skip it, however, you can also set it up at a later time.
Login to your account and click the ‘profile icon” at the top-right corner of the website. Then choose ‘Account Security’ from the drop-down menu. Under ‘Two-Factor Authentication’ you will see options such as Password, Email, Phone and Google Authenticator.
Select ‘Email’, input your email ID into the field given and click ‘Send’ to receive the verification code via email.
Check your email for the 6 digit verification code and key it into the ‘Enter Verification Code’ field. Click ‘Submit’.
2FA using your email is now enabled to your account.
Note: The email verification code will expire in 15 minutes.
Select ‘Phone’ and choose the ‘Country Code’ option. Select the correct country code from the list, input your mobile number and click ‘Send’ to receive the verification code.
Enter the code into the respective field and click ‘Submit’.
2FA using your phone is now enabled to your account.
Note: The verification code sent to your phone will expire in 10 minutes.
Select Google Authenticator from the list of options. Now, you will see a QR code, a field to enter the verification code and a secret key that is a combination of letters and numbers. Note down this key as you will need it to recover your account in case you lose or are unable to access your phone. For security reasons, do not share this key with anyone else.
Download the Google Authenticator App from either the Google Play Store or Apple iStore depending on what device you use.
Open the app and click on the + button at the bottom right. You will be presented with two options, ‘Enter a provided key’ or ‘Scan a barcode’.
If you choose ‘Scan a barcode’, you have to align your phone’s camera with the QR code on the screen. If you choose ‘Enter a provided key’, you have to provide an account name (Eg: Beldex account) and enter the secret key into the respective field on the app.
Select ‘Add’ and you’ll see that GA generates a 6 digit verification code every 30 seconds for your Beldex account. Enter the newest verification code into the respective field and click ‘Submit’ before the time lapses.
You’re almost there. An email will be sent to your registered email address with a link to activate Google 2FA. Click either on the link or ‘Activate Now’ option in your email.
2FA is now set and you will be asked to enter the verification code generated by the app whenever you try to log in to your Beldex account.
Note: Ensure that the time on your system is the same as that on your phone to avoid errors. After five wrongful attempts, your account will be locked and you will have to wait for another 2 hours. All trades, deposits, and withdrawals will require the GA code. If you accidentally delete the GA app, then you can either recover your account by using the secret key or contacting our customer support.
Login to your account and click on the profile icon. Select the ‘Verify Account’ option from the drop-down list. The files that you upload should be less than 5 MB in size. The format should either be JPG or PNG.
You will be asked to submit a scanned copy of your ID proof which may include your Passport, Drivers License, or any other valid ID which personally identifies you provided by relevant authority or jurisdiction.
The country of your residence and the name that you submit should be exactly the same as that on your Passport or other ID proof.
Verification of your account may take upto 24 hours. If you have any queries that need to be addressed, contact customer support.
You can normally reset the Google 2FA by visiting the Account security menu, if the value of assets in your account is less than 5000 USD in fiat or crypto.
However, if you disable Google 2FA, then you cannot make a withdrawal for 24 hours, even if you’ve re-enabled the Google 2FA associated with the account.
However, we mandate of policy of all account holders who have more than 5000 USD equivalent stored in their wallet, to submit a case to our Support team for them to review the reset.
This may take up to 7-10 business days.
A strong password should be at least 8 characters in length. The length of the password is not limited but all passwords above 72 characters will be shortened. It is advised that you include a combination of letters, numbers and special characters. Do not use the passwords of your email or other accounts.
You can also use a password manager to handle your passwords. If you want to opt out of using a password manager, make sure that the password you set is unique and long so that it is not easily susceptible to hacks.
If you are provided with a secret key or QR code, make a hard copy of it and store it in a secure place. Do not store a digital copy of your secret key on your phone, hard drive, email, or any other cloud storage. Following the Best Security Practices can help protect your account.
Beldex follows a number of security measures to ensure the safety of the user’s account. To effect this, we implement a policy of no withdrawals within 24 hours of changing your password. Also, you can only request for a password reset from authorized devices (devices that you have used previously and have been verified), locations or IP addresses.
If you no longer remember your password or want to update it, visit the password reset page.
Enter the email ID with which you registered your account. An email will be sent to you with a link or security code to reset your password.
You can either click on the link or enter the security code. Key in a strong password and confirm it. If the passwords do not match, it will be indicated next to the text field.
To unlock your account, contact our support team at [email protected] by providing relevant details including,
A selfie holding your ID proof.
Your phone number and postal address.
Support will review your appeal request and reply back to you as soon as feasible.
Why was my account locked?
Users are allowed a maximum of 7 failed login attempts before their account is locked for 3 hours. Such accounts cannot be unlocked until the completion of the aforementioned duration due to security protocols.
Otherwise, we may lock your account upon your request.
Users account will be locked if suspicious activity is suspected.
During an ongoing investigation or by order of a regulatory authority, a user’s account may be frozen or locked.
Such cases warrant an appeal and Beldex will determine the outcome of the appeal in its sole discretion.
You may appeal by sending an email to [email protected].
Trading passwords offer a second layer of security to the activities on your account. You will be asked to enter your trading password whenever you withdraw, trade or set up an API. Even if someone gains access to your account’s password, they cannot proceed further without the trading password.
To set up a trading password, log in to your account and click on the profile icon found at the top right of the webpage. Select ‘Account Security’ from the drop-down list.
Choose the ‘Trading Password’ option and click on ‘Set’. A text field will ask you to input a verification code. You can either receive this verification code to your registered mobile number or use the Google 2FA to generate one.
Upon entering the verification code, you can set up a trading password. Make sure that you remember this password the next time you wish to place an order.
Some additional security measures taken by the user can greatly reduce the risk of a hack.
These include securing your 2FA secret code which can help you recover your account if you lose access to your phone or uninstall Google Authenticator. Write down the secret code and do not store a digital copy of your passwords or other key account information anywhere on either your devices or on a cloud storage application.
Whitelist some of the secure IP addresses that are in your possession. This prevents an attacker from an unknown IP from accessing your account. On losing access to a whitelisted IP address, you may contact our support team to disable IP whitelisting after submitting an ID proof, a selfie of yourself with “Beldex” and the current date written on a piece of paper.
Withdrawal address locking is another security practice by which you can restrict illicit withdrawals to unknown addresses. On losing access to a locked withdrawal address, you may submit a request to Support requesting the unlocking of that address.
It is advised that you always use trusted networks to connect to your account. Public or free networks have higher risk factors and are generally unsafe.