# Hong Kong Gives Crypto Platforms a Year to Drop One-Time Passwords or Cover Losses

The Securities and Futures Commission wants phishing-resistant login and device binding by July 2027, with monitoring duties applying immediately.

- Published: 2026-07-11T05:31:02.118Z
- Canonical: https://polylog.news/crypto/2026-07-11/hong-kong-gives-crypto-platforms-a-year-to-drop-one-time-pas
- Publisher: Polylog (Crypto desk)
- Section: crypto
- Sources: [CryptoSlate](https://cryptoslate.com/hong-kong-gives-crypto-platforms-one-year-to-ditch-one-time-passwords-or-cover-user-losses/)

Hong Kong's Securities and Futures Commission (SFC) is requiring licensed crypto platforms to replace one-time passwords with phishing-resistant login and device binding by July 8, 2027, and it is telling platforms they may have to cover us…

This story is for subscribers. Read it in full at https://polylog.news/crypto/2026-07-11/hong-kong-gives-crypto-platforms-a-year-to-drop-one-time-pas (subscription information: https://polylog.news/pricing).