At Exness, we work hard to deliver the highest levels of security possible, so that you can manage your accounts and trade with peace of mind. Having said that, there are also a few things you can do to make sure your account is secure. Let us take you through it.
- Security types
- Passwords and verification codes
- Official means of communication
- How to keep your email safe
Your Security Type is chosen during the registration process and is a measure put in place to prevent unauthorized access to your trading accounts.
There are two Security Types: SMS and Email.
- SMS (high security)
If you’ve chosen SMS as your Security Type (usually set as default during registration), we will send a code to your registered phone number whenever you request a withdrawal, leverage change, etc. Enter the unique SMS code in the verification field to confirm your request.
- Email (low security)
When you request withdrawals or change account settings such as passwords and leverage, an email containing a unique confirmation code will be sent to the email address registered to your Exness account. You then simply need to enter the code when prompted.
Requests requiring verification are:
- Withdrawing funds
- Changing passwords
- Changing security type
- Changing leverage
This is not an exhaustive list. There can be other actions that may require verification.
Passwords and verification codes
Let us take you through a few tips on how to set up strong passwords and the security of verification codes:
- Use long, strong passwords that are difficult to hack, and keep them in a safe place. Avoid using information such as your birthday, common phrases, pet names, etc.
- Never disclose any of your passwords to third parties, except in the following cases:
- If you contact our Support Team: You will have to tell us the Secret Word set up/allocated to your account during registration. This is an extra level of security that allows us to confirm that we are speaking to you.
- If you want a third party (such as Investors) to view your trading activity, you can give them your Read only access password, which gives view-only access to your trading account. This password does not allow account settings to be changed, or transactions or fund transfers to be executed in your name.
- Never disclose the SMS or email verification codes you receive from us. The only exception is when our Support team helps you add a new mobile number to your Personal Area.
Official means of communication
The official means of communication between Exness and you include:
- Email: Emails sent from an …@exness.com address. For example, firstname.lastname@example.org.
- MetaTrader: Messages sent from the MetaTrader platforms’ internal mailing systems.
- Phone: Telephone conversations on the official number listed in the Contacts section of our website.
- Live Chat: Live Chat sessions with a member of our Support Team.
Kindly note that Exness does not use the following as official forms of communication:
- Yahoo Messenger
- QQ, etc.
Any email sent from a domain other than @exness.com is not an official communication from Exness, even if the email address contains the word - Exness. If you receive an email from a suspicious address please contact email@example.com.
If you suspect that you have become a victim of fraudulent activity, please contact our Support Team immediately.
How to keep your email safe
You use your email to login to your Exness Personal Area, so ensure that you protect it from unauthorized access. Here are a few tips:
- Enable two-factor authentication.
- Delete the security questions in your email account's security settings or use random characters as answers. Remember: answering a security question is the most popular way to hack an email account!
- Use a strong password to sign into your email account. Your password should not contain whole words. It should be longer than ten characters and it should include numbers, along with uppercase and lowercase letters.
- If you access the service through the web interface, disable the SMTP, POP3, and IMAP protocols in your email account's settings. This will protect your email account from a brute force attack.
- Avoid clicking on questionable links in emails from strangers or organizations! If you receive an email containing a link and you click on it, do not enter any passwords.
If you receive an email with a code but you did not make any requests or changes in your Personal Area, delete the email immediately and report the incident to our Support Team.