The only way someone could access your funds would be if they had access to your CoinDealer account, or in the case of a non-hosted wallet, your private key. We never transfer any private keys over the network, EVER. We never expose an endpoint to access private keys. CoinDealer is a hosted wallet service, which means we manage your private keys for you, securing your funds with a password, device confirmation and 2-factor authentication.
Do not give others access to your device. If YOU give someone your access including your device (for 2FA) they could access your account and maliciously make transfers.
CoinDealer will never ask for you wallet passwords or account passwords. Our security policy is to NOT provide a user any password manually, under no circumstance. We direct the user to the processes we’ve created for recovery.