How secure is your crypto exchange? Dashlane, a password manager app, and secure digital wallet company for managing user accounts recently released the results of a study they conducted this month. During the study, 35 of the most popular crypto exchanges were analyzed to find out how secure they were.
The researchers thoroughly tested five parameters on these exchange websites gauging the level of security for each. The five key areas that the study looked at were account creation email, 2-factor authentication, 8 or more character password, password strength meter and alphanumeric passwords.
For every criterion tested, the site was awarded one point if it passed and nil if it failed – with a max score of five points. For a website to be considered secure, it had to get a point for each parameter for a five-point rating. Any site that failed to get 5 out 5 is said to be insecure.
Results
Shockingly, over 70% of the websites analyzed failed to meet the required threshold for a secure site, and many of the sites tested were found to use substandard security measures. These dismal figures can’t even compete with normal consumer websites where it was found, in a study commissioned by Dashlane in 2017, that only 35% couldn’t meet the required security standard.
43% of the sites tested allow users to create passwords with less than seven characters. 34% of the sites allow users to create passwords without the use of alphanumerics. This basically means a user can create a password with weak letters such “ABCD” or “98765”.
Rankings
Luckily, there are sites that still don’t take any chances with their security. Some of the sites that scored a 5/5 when tested included:
• Bitcoin.de
• BitMex
• BTCC
• Cobinhood
• Coinbase
• Cryptopia
• Gemini
• Huobi
• itBit
• Paxful
Most of the sites got subpar scores and the following exchanges scored 2/5 and below, which ranked at the bottom of the study:
• Simex
• OKEx
• Exmo
• Coinexchange.io
• Changelly.
• CoinsBank (scored 1/5)
The CEO of Dashlane had this to say:
“Creating an account on a cryptocurrency exchange should be compared to opening an account in a local bank. Security of the exchange is paramount as most of your personal information and data is stored on these exchanges. We find that most of these exchanges have primitive security standards.”
“Weak exchanges are fodder for hackers. It is imperative that these exchanges, being at the forefront of technological developments, serve as an example to their peers.They should restructure their security systems to ensure they meet the minimum threshold.”
The problem actually depends on the password strength created by users themselves, not cryptocurrency exchange itself. Here’s a great article about how to create a good password: https://www.cyclonis.com/how-to-create-complex-memorable-master-password/