At Crypto.com, we’re deeply committed to data privacy and security, so you can be rest assured that your funds are safe with us. While we do everything we can to safeguard your personal information and assets, your efforts are just as important. Here are tips to help you stay safe.

Some of the commonly overlooked habits:

  • Using one passcode for every account (e.g. Device passcode is same as your Crypto.com App passcode)
  • Using one email for every account (e.g. Same email address for various crypto wallets, services, and exchanges)
  • Keeping your passcode on your device (e.g. Storing your Crypto.com DeFi Wallet recovery phrase as a screenshot or in Notes in plain-text)
  • Multi-factor Authentication (MFA) is activated, but  on the same device as your crypto app
  • Oversharing (e.g. Passing your credit card around at a dinner table with people you don’t know)

Any of these sound familiar? If so, you could be at risk. The good news is that you can easily change these habits!

DO’s and DON’Ts

When it comes to privacy and security, every detail matters. We believe that the following best practices are worth taking the time to follow and make compromises for.

  • Always set a unique passcode and/or pattern lock for your phone, the Crypto.com App, and Crypto.com DeFi Wallet
    This will help protect your data and funds in case you lose your device. Also, if you’re targeted as a crypto holder for a password hack, bad actors will find out everything they can about you in an attempt to guess your passcode using information like your birthday, age, and favourite numbers.
  • Use a unique email address/alias to register an account
    By setting up a unique email address/alias when signing up for a new account, you can be sure that this email address has not been leaked to spammers or hackers via other company/industry mailing list breaches. It’s one of the many steps you should take to better protect yourself from phishing. This tip works best when paired with an anti-phishing code.
  • Use strong and unique passwords (consider installing password management software)
    With a password manager, you can free your mind from having to remember multiple password combinations. Just make sure your master password is strong yet easy for you to remember, like phrases which are only meaningful to you. Length is the most critical factor in a strong password, and when combined with upper case, lower case, and special characters, makes it significantly harder for hackers to brute force your account. Also, remember to avoid using personal information that can easily be guessed or found on social media. Never re-use the same password for different platforms!
  • Never publish or share the details of your Crypto.com Visa Card with anyone
    Make sure to always pay with your cards yourself—you do not need the help of third parties, such as a cashier. Avoid sharing your card with others at social gatherings. Please be reminded that we will never ask for your card details. If you lose your card, make sure to freeze it in the App and contact our Customer Support team immediately.
  • Do not share your account credentials, like your MFA, PIN, or password, with anyone
    No one from Crypto.com will ever ask for your login credentials, private keys, MFA security codes, or recovery phrases—no matter which mode of communication you use to contact us. Most importantly, if you have cold wallet storage, never share your secret phrases with anyone over the phone, email or social media.
  • Do not store your MFA recovery code and Crypto.com DeFi Wallet recovery phrase on the same device you use to access our products
    The practice of multi-medium backup will allow you to conveniently recover your account with Multi-factor Authentication if you lose your device. You can also consider keeping one of your backups on an offline medium.
  • Do not store passwords and logins in an unencrypted form
    Don't sacrifice security for momentary convenience. You can’t predict when unauthorised third parties will try to access your account, or when you’ll lose your device . It could be in the very next minute, an hour, or a year from now. You must always be prepared and protected.

Continual efforts to secure your account are important when combating bad actors. We have shared some common mistakes that you can avoid to protect your devices and accounts, as well as ways to build good habits going forward.