Topic: Lost my 2FA Google Authenticator Code - CEX.io (Read 381 times)

Having some message OTP verification is not by any chance the solution in this kind of situation, the OP will still need the 2FA code before he can access his account and his ID document will still be needed if he wants to rectify the 2FA.
With that been said, is better for the OP to write down the backup code on paper and keep it safe or make use of Aegis which some outstanding features instead auth or google authen.
@up136191857, an exchange like Binance give fast response and solution to issue like this.

Good thing to hear up some updates from you op, this is why its really always better to set out aside from google auth 2fa on having also some message otp verification in case on having these kind of possible
problems in the future.

Since this issue had been already resolve then better lock off this thread to prevent further replies.

UPDATE:

I tried to log in today and they disabled the 2FA and I was successfully logged in.

Thank you guys for participating in this topic, your replies were nothing but helpful.

I really appreciate everyone, let's hope this topic/thread serves as a solution for anyone.

Cheers 

I did sent the user ID but still nothing.

In their support system they pretend that answer could take up to 10 days but in my case it’s been more than 3 weeks.

Still nothing

Have you PMed @CEX, someone ever 20 days no response yet, but almost of them got reseted  [1], [2], [3], [4], just make sure you explain the detail and send user ID, ticket number to him.

2 weeks gone by. Still nothing.

OP, I try to push them through Twitter. I hope we will get some reaction when this is more public.
I am still surprised by their slow response in this case.


I chose SMS as extra authentication protection here, just because of a possible complicated situation like this. In the meantime, I broke my phone a few time, so there would be a lot of problems even if I think I’m not using CEX only with 2FA.

CEX is not only the exchange with bad support and most of them are saving on stuff, but we should take more care about 2FA backups.
There is also free open source software for windows called WinAuth we can use for this in combination with mobile apps like Aegis.

I have already sent them my personal information (ID, Address). Still nothing.

They will definitely ask a full copy of personal documents before processing your request. Cex.io has been a well-known crypto exchange for Ukraine-based crypto companies but they have slow support after the increasing popularity of crypto investment. No worries, the support team will reset the 2FA even if you have no access to the lost phone number/email/authentication app.

I also didn't know about the recovery process but not going to change the default 2FA app to another one. Authy has done an amazing job after losing access to the old Google Authenticator app which contained more than 30 private 2fa keys to online accounts. I am ready to share documents if the Authy team asks this for security reasons and proving identity by asking few questions.

Damn I really used to think Authy is a goat of a 2FA app, especially after finding out how bad GA was after I lost one of the 2FA keys. Welp, I am wrong as it seems.

Btw, this aegis, I have never heard about it up until now. I looked it up right now and the reviews seem great thus far. I will check it out, thanks!

---

Dude you should make a thread of all useful/privacy friendly crypto-services cause I assure you dumbasses like me don't know a lot about it.

Hello guys,

I just wanted to update the thread about my issue. Still haven't heard back from CEX it has been more than 9 days since I contacted the support and no answer till now.

Definitely they do have poor support system. It makes no sense at all.

Waiting...

I was reading from here: https://www.twilio.com/legal/privacy/authy

Emphasis mine. More worrying that just for account recovery, they may also lock you out of your 2FA account (and therefore all of your online accounts which use 2FA) and demand KYC "from time to time". How reassuring.

They track your activity across all your accounts, linking that to your email address, phone number, and IP addresses...

...and they share it with third parties.

I don't understand the benefit of this service. It is the equivalent of a web wallet for 2FA: You are letting someone else handle all your codes, have the power to lock you out of your accounts, and invade your privacy, all for something you can do yourself easily, freely, securely, and privately.

o_e_l_e_o, AFAIK authy do not do that.

Authy doesn't request location access neither email address. The only thing authy gets is the phone number.

I never even heard about they requesting KYC documents.

I look at their help page (https://support.authy.com/hc/en-us#) and the word KYC or Documents is not even mentioned anywhere.... where did you see that they require  KYC?

If that's true, I would maybe shift over to another software. But I use authy for years and never had any similar problem..


Edit:
I found:
https://support.authy.com/hc/en-us/articles/360012304633-Authy-Phone-Change-and-Account-Recovery-Photo-ID-FAQs

Terrible for authy... this KYC makes no sense at all...

This article might help you ]Cex.io two factor authentication 2fa trouble shooting

Give some tries to solve your own problem while waiting for their response since support take time to answer maybe due to some load of works given to them so better spare some extra time to do it for yourself.

Thank you to you all for your readiness to help me. I never thought that here I could find a lot of people that will actually try to help you.

Update: I received a reply from CEX account here telling me that I have to wait for my queue since there are a lot of requests especially during these times since everybody is into it.

I still cannot access the account but I hope my turn will come soon.

I will update the thread often so I anyone how will have the same issue as me, should definitely find this helpful.

For sure this topic has convinced me to be more active on the forum and spread my knowledge here.

If they're still using standard TOTP, any compatible app should work.

An even better option is to use a 2FA app such as Aegis, which allows you to export an encrypted database of all your shared secrets, which you could store on an offline medium such as a USB drive. Then, if you lose your phone and you need to recover your 2FA codes, it's as easy as downloading the app on your new phone and importing the back up.

I absolutely wouldn't recommend Authy. It is closed source. Your 2FA codes are stored in their servers. They collect a lot of information about you, including device information, email address, phone number, IP address, location, log in history, and more. If you lose access to your account, they require full KYC with copies of your ID to recover your account. This is an unnecessary security and privacy risk, for something you can do safely yourself as described above.

I agree with you, Authy is much better than GA, he is connected to your account, not the device. I use SMS as 2FA on Cex.io, because do not want to have risk if I lose or broke my phone device.
But do you know that Coinbase after 31.03 will no longer support Authy? They suggest to all users to move on GA
Sorry OP, now we are going to offtopic

You can register 2 devices of yours. For example 1 smartphone and 1 notebook (as a back up). You will have all your 2FA codes in both devices, and you will disallow that someone add another device. For example, if a hacker steals your password, he won't be able to access any of your 2FA codes as he can't add another device without your permition from an allowed device.

This is the difference between GA and Authy: You have the security that a hacker cannot add another device even if he steals your password, and you are still able to access your accounts if you lost one device.

If you lose your phone, just buy a new one and add that new phone from your allowed device.

Much better than GA.


Storing your passwords and private keys of 2FA codes in a file on a notebook is very dangerous (and those private keys are mostly very big and impossible to write down in a paper). This file contains sensitive information that a hacker can access without major difficulties and steal money that may exist on exchanges or other services where the user keeps cryptocurrencies.

Authy is a software created by cybersecurity professionals that know what they are doing. What you are suggesting is the same as storing bitcoin private keys in file in your notebook... This may work for a while, but you might (and probably will) get hacked one day.

Unless you are a security specialist, I would advice everyone to work with the appropriate software.

So what happens if you lost the device and you were prohibited the registration on a new device? This means you can't log in even you have the login credentials. So what is the difference between Authy and Google Authentication? If you keep off prohibition then it would be a quite risky move, someone would guess your password or would be even hacked. The best solution is to maintain a notebook to write you all the accounts credentials including Google Authentication codes and keep it always under you. So even lost the device still you will have to backup all your account credentials.


Back the OP, recovering 2 FA is quite a complex method. You have to wait for their positive response with patience. Keep in mind, don't hand over your wallet credentials to an unauthorized person either it's on Telegram or Twitter. Don't respond if someone PM you to recover your 2FA, most probably they are a scammer.

Yeah there is nothing else to do besides waiting. But this is very scary as I think my email will go unchecked and probably they will never reply.

Anyway, I will update this thread with what happens, maybe there is someone like me and this could be helpful to them.

This is by no means unique to cex.io. Pretty much every crypto exchange in existence has problems with poor customer support. It is particularly bad at the moment due to the bull run, increased volume which means increased problems and issues, and them having to process thousands of new accounts. This is what you have to put up with when you use any centralized exchange which takes custody of your coins.

All you can do now then is to wait. In the meantime, download an open source 2FA app which allows full encrypted back ups so this doesn't happen again.

SMS is a very insecure method of 2FA and should be avoided where possible.

Yeah, I find it very strange why a company like Cex is so slow at their support system. I mean each company is trying to get the majority of users and things like these might change your mind to go elsewhere.

I contacted them through both e-mails, twitter dm's, reddit messages and recently here on their DM.

No, answer yet

I have contacted them on this e-mail but no response yet. They even deleted the [email protected] email

I have had this problem several times and even changed it to 2Fa via sms which I also had the same problem and several times I have already asked support to disable my 2Fa and I am surprised that you have said that they are taking too long to solve your problem because they have always been very quick to respond and solve the problem. i use cex.io for more than 2 years. this is very strange


he has an account here at bitcointalk Send PM:

https://bitcointalk.org/index.php?action=pm;sa=send;u=148073

Aside from those links above, you can also sent into these contact details too.

Support phone number:
+44 20 3966 1272

Email for complaints:
[email protected]

or via facebook: https://www.facebook.com/CEX.IO/

Definitely, I would be definitely move out Google and use your suggestion but right now the priority is to get back the Cex account

Yeah, totally my bad but this has to be fixed somehow, I was thinking to use their platform for a long-term but now after all these bugs on their website my mind is not on the same page anymore

I reached also to their Telegram Group.

Let's hope for the best now.

This is a terrible problem with Google Authenticator. If you lose your phone, it is over and there is nothing you can do.

The best thing is to use an alternative com Google Authenticator. You can use  Authy app. This is a very nice software, which let you save all your 2FA codes in your account.

Authy has an option to prohibit the registration of new devices. So if someone steals your Authy password, they can not add an additional device, unless if an authorized device allows the registration of new devices to your account.

I made a post about it here: https://bitcointalksearch.org/topic/2fa-important-precautions-with-google-authenticator-3178131

I think you should consider using Authy in your  new phone.

Thanks for sending me these links to their social media profiles. I reached on all of them but I don't think that I will be getting an answer. Like how they are not able to see emails from their users, this is totally a support failure plus their website has so many errors

I hope you learned important lesson so remember to make backup for everything including 2FA, and don't be surprised if you have to wait much more for their support.
My issue was with other exchange, and I was always receiving exact same machine answer from their support.

You can also try contacting their admins in CEX Telegram group:
https://t.me/CEX_IO

Try reaching out on social media. Unfortunately a lot of exchanges have very poor customer support, and only actually address problems when there is the threat of negative publicity for them.

You can Tweet at them @cex_io: https://twitter.com/cex_io
You can post in their subreddit here: https://www.reddit.com/r/cex_io/
You can message their account on Reddit here: https://www.reddit.com/user/CEX_IO

There are a few posts from that last account I linked saying that their Support Team is overloaded with requests (aren't they always?), and so any response will take some time.

Hello there,

I am an already an CEX.io customer and as a regular user I have made a transaction recently. I wanted to secure my account at the highest level so I successfully verified with my personal identification documents and I have enabled the 2FA Google Authenticator from my smartphone.

But, recently I have switched to a new phone and eventually I lost my 2FA Google Authenticator Backup code and I am not able to log in into my account anymore.

I tried to upload my personal ID and a handwritten note to their page here:https://cex.io/auth/reset-2fa and prove that I am the true owner of the account but it seems that Cex.io has some server technical issues as it is telling me that: Service is temporarily unavailable

Have anyone experienced the same issue?

I have already contacted through a complaint email but I haven't heard back from them for about a week. I have already contacted the live chat support but it is almost impossible to be in touch with any technician.

Can someone help me please, how to be in touch with them?

Thanks