Hi,
From my little research on how data is secured at Koinly, it looks like they are not keeping any records of the personal information, like official name associated with the āportfolioā in their own database.
They are using stripe (https://stripe.com) to validate the purchase of the plan, thatās the one who have all the personal information I believe. I have always found strange as well not having 2FA, but maybe thatās the reason.
You are maybe just a number in their database, without anything else attached, at least it s what Iāve understood but I would love to have more clarification on thisā¦
I really believe they should communicate a bit more on how privacy is handled. They could even put this in front of their webpage, people starts to care more about their privacy, and this awareness is just starting.
That would help to bring them more clients and also not lose any.
Agreed 100%. Any and all username/password checks should provide the user with an option to add 2FA, but 2FA wonāt protect any of our information from being stolen from a āback endā database. It will stop someone who guesses a password from accessing someoneās dashboard (which is a honey pot of details that can be used for further social engineering)⦠so, yes 2FA option should be added.