Login and password are not sufficient protection.
Hackers often have a pre-selected database of logins and passwords, and users often use the same logins and passwords everywhere.
A week on the output allows you to block any activity of hackers, and google Authentificator and SMS allows you to speed up this process for those who want but is not required.
After the output of the coins from the web-cabinet to the address of Metahesh already no SMS and ha. Protection of assets is carried out by a key and the password which is created locally and we don't store them