Two-Factor Authentication (2FA)
Summary
Two-Factor Authentication (2FA) adds an extra layer of protection to your Bitvavo account. You can enable it using Push notifications, an Authenticator app, or both. Withdrawals of crypto are only possible when Authenticator app 2FA is enabled.
Introduction
Two-Factor Authentication (2FA) helps keep your Bitvavo account secure by requiring two verification steps when logging in: your email address and password, and a second verification method (a code or an approval on your device). You can enable Push notification 2FA, Authenticator app 2FA, or both.
The 2FA code is different from the 5-digit PIN code you use for the Bitvavo app. The PIN code is meant for quick access to the app after you have logged in. For important actions or when you log in on another device, you will be asked for the additional 2FA code. This provides extra security and ensures that only you have access to your account.
Step 1: Choose your 2FA methods
You can enable one or both 2FA options in your account’s security settings.
| 2FA method | How it works | When to use it |
|---|---|---|
| Push notification 2FA | You confirm each login attempt with a notification sent to your registered mobile device. | Quick and convenient - ideal for everyday access. |
| Authenticator app 2FA | You enter a six-digit code generated by an authenticator app such as Google Authenticator or Authy. | Required for crypto withdrawals and recommended for maximum protection. |
For detailed setup instructions, see:
Step 2: Keep your recovery code safe
When you set up Authenticator app 2FA, you receive a 2FA recovery code. This code allows you to regain access to your Bitvavo account if you lose access to your authenticator device.
Step 3: Manage your 2FA settings
You can manage your 2FA preferences in the “Security” section of your account. From there, you can:
- Enable or disable each 2FA method independently
- Activate both methods for additional security
- Reset or update your 2FA if you change devices
FAQ
Why should I enable 2FA on my Bitvavo account?
Enabling 2FA adds an additional security layer to your account, making it much harder for anyone else to gain access, even if they have your password.
Can I use both Push notification and Authenticator app 2FA at the same time?
Yes. You can enable both methods for extra protection. Push 2FA lets you quickly approve logins from your device, while Authenticator app 2FA is required to withdraw crypto from your Bitvavo account.
Why do I need Authenticator app 2FA to withdraw crypto?
Withdrawals move digital assets outside your Bitvavo account. To ensure this action is authorized by you, Bitvavo requires Authenticator app 2FA, which provides a stronger verification step than Push 2FA.
What happens if I lose access to my 2FA device?
If you have Authenticator app 2FA enabled, use your recovery code to regain access. If you cannot use your recovery code, follow the steps in our 2FA reset flow from the Authenticator app article.
Can I switch between the two 2FA methods?
Yes. You can enable or disable either method at any time in your Security settings. If you disable Authenticator app 2FA, crypto withdrawals are blocked until it is re-enabled.
Where can I learn more about keeping my account secure?
Visit our Security page to learn more about how Bitvavo protects your assets and how you can further secure your account.
Was this article helpful?