If there is a data breach on a website, hackers can potentially get access to your personal and confidential information including your login credentials. Armed with your personal credentials, hackers will automate the login process on thousands of different websites in hopes of gaining access to accounts like your online banking platform. This hacking technique is called credential stuffing

Another way a hacker could get your information is through Spear-Phishing. Phishing is a cyberattack where an ill-intentioned person poses as a legitimate and reputable business that tricks people into sending the hacker their personal information, usually from a fraudulent link, email attachment, or website. Sensitive information that hackers target includes usernames, passwords, and credit card information. To learn more about this hacking technique read our blog Surviving a Spear-Phish Attack.

These hacking techniques are very common because the majority of people use the same login credentials on multiple websites.

If you want to know if your information has been compromised in a data breach, enter your email into this website: Have I Been Pwned?

How do I keep my password safe?

Use a strong password

Use a password manager

Change your password every three to six months

Use 2 Factor Authenticator also known as 2FA

Don’t recycle an old password

Do not write your password down

Is your password strong enough? A strong password is:

At least 12 characters long

A phrase not a single word, i.e. “email protected

Contains both upper and lower-case characters and special symbols

NOT a single word

NOT based on your personal information, names of family members, pets, friends, birthdays, etc.

NOT a word or a number pattern

Keep all your passwords secure and manageable

A Password Manager is an encrypted web application that allows users to store their login credentials. From your NDAX account to your social media accounts, the majority of websites are compatible with Password Managers.

Using a password manager is a great way to generate a secure password and helps you avoid using the same password on multiple websites. Check out these password managers (NDAX has no affiliation with any of these service providers):

1 Password



Kee Pass

When was the last time you changed your password?

If you use the same password on NDAX and on ANY other site, we recommend you change it. Get step by step instructions on how to change your password by visiting this support article.](https://help.ndax.io/en/articles/3751682-how-do-i-change-my-password

2FA is your last line of defence

You can add an additional layer of security by implementing 2FA on your online accounts. 2FA helps protect your online accounts over and above just using your username and password. Even if a hacker gets access to your username and password, 2FA will prevent access to your account.

The process is simple, after you login to an account with your username and password, you will be asked to enter a 6-digit code that is refreshed every 30 seconds on your two-factor authentication app. This ultimately prevents unauthorized access to your account even if your password has been compromised.

There are many 2FA applications out there, but NDAX’s favourites are Authy and Google Authenticator. Get instructions on how to activate Authy on your NDAX account here](https://help.ndax.io/en/articles/3751781-setting-up-authy-for-2fa), and instruction on how to activate Google Authenticator [here

To learn more about 2FA read our Advanced Security Systems with 2FA

If you still have questions on how you can keep your password secure, feel free to contact NDAX Support Chat.
Was this article helpful?
Thank you!