Over Half of Cryptocurrency Exchanges Still Face Security Risks, But Coinbase Leads in Safeguards

Cryptocurrency exchange security remains a top priority for every crypto investor. While some platforms implement robust cybersecurity measures, many lag behind—failing to enforce basic protections like mandatory strong passwords.

Key Findings from ICOrating's Security Report

A recent ICOrating study analyzed 100 crypto exchanges with daily trading volumes exceeding $1 million, revealing alarming gaps:

• 54% of exchanges have at least one exploitable security flaw.
• 41% permit passwords shorter than 8 characters.
• 37% allow passwords with only letters or numbers (no mixed characters).
• 5% enable account creation without email verification.
• 3% lack two-factor authentication (2FA).
• Just 46% comply with all four basic security requirements above.
• Only 4% implement advanced domain security measures.

Domain and DNS Vulnerabilities

ICOrating evaluated critical protections like:

• Registry locking (prevents unauthorized DNS changes): Adopted by just 2% of exchanges.
• DNSSEC (blocks DNS cache poisoning): Used by 10%.
• Comprehensive security protocols: Only 4% applied four out of five recommended measures.

👉 Explore top-rated exchanges for secure trading

Exchange Security Rankings

In a 100-point scoring system, no exchange scored above 90. Highlights:

| Rank | Exchange | Score |
|------|-----------|-------|
| 1 | Coinbase | 89 |
| 2 | Kraken | 80 |
| 3 | BitMEX | 78 |
| 3 | Gopax | 78 |
| 8 | Cobinhood | - |
| 12 | Ethfinex | - |
| 17 | Binance | - |

Lowest performers:

• OKcoin (15/100)
• Meratox (25)
• Zaif (29)

FAQs

Why do so many exchanges neglect security?

Many prioritize rapid growth over infrastructure, leaving gaps like weak password policies or missing 2FA. Regulatory ambiguity in some regions also reduces accountability.

How can users protect themselves?

• Use exchanges with high security scores (e.g., Coinbase, Kraken).
• Enable 2FA and hardware wallet withdrawals.
• Avoid platforms allowing simplistic passwords.

What’s missing in this report?

ICOrating didn’t assess dynamic IP checks or withdrawal verification—areas for future research.

👉 Compare security features across top exchanges

This analysis underscores the urgent need for standardized security practices in crypto trading platforms.

### SEO Keywords:  
1. Cryptocurrency exchange security  
2. Coinbase security measures  
3. ICOrating exchange report  
4. Crypto trading risks  
5. Best secure exchanges  
6. Two-factor authentication (2FA)  
7. DNS security for exchanges