How to set up an Anti-Phishing Code on OKX? (Security layer)

Understanding the Anti-Phishing Code Functionality

1. The Anti-Phishing Code is a personalized security string assigned to each OKX user’s account.

2. It appears in all official OKX email notifications and SMS alerts related to sensitive operations.

3. This code serves as a visual verification mechanism to distinguish genuine communications from spoofed messages.

4. It does not replace two-factor authentication or withdrawal address whitelisting but operates as an independent verification layer.

5. The code remains static unless manually regenerated by the user through the security center.

Navigating to the Security Settings Interface

1. Log into your OKX account using verified credentials and complete 2FA if prompted.

2. Click on the profile icon located in the top-right corner of the web interface.

3. Select “Security Center” from the dropdown menu to access layered protection options.

4. Scroll down to the “Account Protection” section where multiple security features are listed.

5. Locate the “Anti-Phishing Code” card and click the “Set Up” button adjacent to it.

Generating and Confirming Your Custom Code

1. Enter a unique alphanumeric sequence between 4 and 12 characters—no special symbols allowed.

2. Re-enter the same code in the confirmation field to prevent typographical errors.

3. A verification SMS or email will be sent to your registered contact channel for final authorization.

4. Input the OTP received within 5 minutes to validate the setup process.

5. Upon successful submission, the system displays a green success banner and stores the code server-side.

Verifying Code Appearance in Official Communications

1. Initiate a test action such as changing email or resetting API permissions to trigger an alert.

2. Check your inbox for the corresponding notification—the Anti-Phishing Code must appear at the bottom of the message body.

3. Compare the displayed code with the one you configured in the Security Center dashboard.

4. If mismatched or absent, do not proceed with the action and immediately report the incident via OKX support ticket.

5. Screenshots of legitimate emails containing the correct code should be saved locally for future reference.

Frequently Asked Questions

Q: Can I use the same Anti-Phishing Code across multiple OKX accounts? No. Each OKX account requires a distinct Anti-Phishing Code. Sharing or reusing codes violates platform security policy and may result in temporary suspension.

Q: Does enabling this feature affect my ability to receive transaction confirmations? No. All standard notifications—including deposits, withdrawals, and order fills—continue uninterrupted. The code only appears in security-critical emails and SMS.

Q: What happens if I forget my Anti-Phishing Code? You can regenerate it anytime from the Security Center. Prior to regeneration, identity verification via KYC documents and device binding confirmation is required.

Q: Is the Anti-Phishing Code visible in push notifications or mobile app alerts? No. It appears exclusively in email and SMS channels. Push notifications and in-app banners do not display this code due to interface constraints and security design principles.