1) FTX *requires* 2FA in order to deposit. Why?
Well, it turns out that LOTs of people's usernames and passwords are basically public. If 10 years ago you signed up for some random website and it got hacked, your UN/PWD are probably for sale right now.
haveibeenpwned.com
Conversation
g) Some sites will ask for your exchange API keys to connect (e.g. alert/charting/tracking/trading apps). This is ok as long as you give out read-only API keys, but make sure never to give out a full access API key. Requiring 2FA on withdrawal helps here too!


