Secure MtGox Account By Adding Two Step Authentication
Posted by 
April 29, 2013 •
“ I just got an email from Mtgox saying I made a withdrawal. I go log in and all $250 of my USD is gone! My account at Mtgox is hacked ” This type of post are becoming very common in bitcointalk forum and rediit nowadays.
Credit cards are sold in underground markets for few dollars, actually in cents while single bitcoin cost in hundred of dollars and nearly impossible to track. So, bitcoins are now probably the top most target of hackers and trojan-botnet operators in search of easy profit.
Every time you click on malicious links, download cracked programs, install pirated windows, surf untrusted websites etc. chances are ever greater that there is a trojan/virus hidden inside them to capture your user name / password. Botnet operators use a “FUD crypter” to bypass most of the Antiviruses.
If you have more than 2 bitcoins, and use Mtgox account for monetary transactions regularly, you really need to harden your security and be very careful about what you click on. We strongly recommend you to use two-factor authentication with Mt. Gox!
Two factor authentication requires the user to go through an extra step after the usual username/password process, can be added to login, withdrawal and account security. Basically you need to enter a six-digit code generated via Google Authenticator app on your iPhone / Android phone. The code changes every 30 seconds for the user, so each code is intended to be a unique one-time login.
Following are the instruction to secure your Mt Gox account by adding two step authentication.
Step 1: Login to your Mtgox account and navigate to “security centre” and click “add new” under “software authenticators”.
Printout this page, save a screenshot of this window in secure place or copy/paste the “secure private key” to a USB key. Keep this key secret and secure and never loose it.
Step 2: Download and install the Google authenticator app for android or iOS.
Step 3: Now click the plus sign and add your secure private key by typing manually or scan the barcode.
Step 4: Use your generated one-time-passcode in the mtgox security centre.
This passcode changes every 30 seconds. That’s how long you have to type it into mtgox and “save” your new 2-factor authentication system.
Step 5: Add your new 2-factor method to “Withdrawal” to protect withdrawals by drag and drop.
Also add it to “Security Center” so nobody, except you can remove your two factor authentication protection.
Step 6: That’s it, you are safe now. Now a one time passcode is needed every time to make withdrawals.
Extra safety tips : If possible use Mac or Linux. Don’t click on untrusted links. A lot of spyware, malware, key loggers etc. run on java exploits, so if possible disable java and flash. Install bitcoin whitelist extension for Google chrome.
Don’t forget to follow us on Facebook, Google Plus and Twitter for more safety tips and latest news.
I have some cash (more than I can afford to lose) in Mt.Gox account and now I want to add google authenricator to my account. However I am paranoid about it not working due to some stupid newbie misstep on my part or bad clock sync or whatever and then I could never get the money out. Is there anywhere to practice setting up Google authentication before I do it for real on my account?