Everyone knows it. You register on a page, enter your e-mail address, username and password and you can log in. That's the way it works on most sites on the Internet, but it's quite risky. As soon as other people get access to this data, they can simply log in. This wouldn't be a big tragedy on many sites like forums or Facebook, but as soon as money is involved, it would be a disaster. On Facebook, an unauthorized person could, in the worst case, write to and insult people or something similar, but on an online banking account, a criminal could withdraw all the money. This is exactly what could happen with crypto currencies.
That's why the so-called two-factor authentication has been around for years. If this is activated, it is not enough to know user name and password, you also have to have another device such as the account holder's mobile phone. If you want to log in, you get an SMS with a code. Only if you enter this code, you will be logged in. So if a criminal subject steals the access data, he can't do anything without getting to the mobile phone. You can also activate two-factor authentication via an e-mail address. Here you always get an e-mail with a code when you want to log in. Therefore you should not have the same password for your email account as for other sites.
Of course such an authentication is annoying, but especially on sites where a lot of money is involved, you should activate it for security reasons. It is better to copy the code from the SMS or e-mail every day when logging in than to lose all your money.