According to the Coinbase blog published April 9, 2019, U.S. cryptocurrency exchange Coinbase is set to bolster its security measures with the implementation of multiple layers of protection against credential stuffing attacks.
The Need of the Hour
Exchange hacks have long plagued the burgeoning crypto industry, and the problem has only become more frequent in recent times.
As reported in January 2019, New Zealand-based exchange platform Cryptopia fell prey to hackers. On a more recent note, Singaporean cryptocurrency exchange DragonEX saw its security breached by cybercriminals.
Seeing the recent flurry of virtual attacks on crypto exchanges, many crypto exchanges have decided to tighten their security measures.
Per sources close to the matter, Coinbase has implemented a new security layer to protect its customers from phishing and scam attempts.
Starting today, each time a user creates a Coinbase account, their plain text password will be immediately converted into a string of gibberish known as a “hash” unique to their account.
Once the password is converted into a hash, Coinbase will use it in the future to authenticate the user’s password. If the password entered by the user converts to the same hash as previously generated, Coinbase will allow the user to log in.
If it does not, the user’s account will be locked.
This robust security measure is possible courtesy of an algorithm called bcrypt which is a “one-way” hash that no organization (including Coinbase) can decrypt to determine the user’s original plain text password.
Further, the exchange will also use the same functionality to safeguard its users against “credential stuffing attacks.”
For the uninitiated,