If there is a data breach on a website, hackers can potentially get access to your personal and confidential information including your login credentials. Armed with your personal credentials, hackers will automate the login process on thousands of different websites in hopes of gaining access to accounts like your online banking platform. This hacking technique is called credential stuffing.

Another way a hacker could get your information is through Spear-Phishing. Phishing is a cyberattack where an ill-intentioned person poses as a legitimate and reputable business that tricks people into sending the hacker their personal information, usually from a fraudulent link, email attachment, or website. Sensitive information that hackers target includes usernames, passwords, and credit card information. To learn more about this hacking technique read our blog Surviving a Spear-Phish Attack.

These hacking techniques are very common because the majority of people use the same login credentials on multiple websites.

If you want to know if your information has been compromised in a data breach, enter your email into this website: Have I Been Pwned?


How do I keep my password safe?

  • Use a strong password
  • Use a password manager
  • Change your password every three to six months
  • Use 2 Factor Authenticator also known as 2FA
  • Don’t recycle an old password
  • Do not write your password down

Is your password strong enough? A strong password is:

  • At least 12 characters long
  • A phrase not a single word, i.e. “[email protected]$$Pw”
  • Contains both upper and lower-case characters and special symbols
  • NOT a single word
  • NOT based on your personal information, names of family members, pets, friends, birthdays, etc.
  • NOT a word or a number pattern


Keep all your passwords secure and manageable

A Password Manager is an encrypted web application that allows users to store their login credentials. From your NDAX account to your social media accounts, the majority of websites are compatible with Password Managers.

Using a password manager is a great way to generate a secure password and helps you avoid using the same password on multiple websites. Check out these password managers (NDAX has no affiliation with any of these service providers):


When was the last time you changed your password?

If you use the same password on NDAX and on ANY other site, we recommend you change it. Get step by step instructions on how to change your password by visiting this support article. If you have any questions about this process or require any additional assistance, please contact the NDAX Support Team.


2FA is your last line of defence

You can add an additional layer of security by implementing 2FA on your online accounts. 2FA helps protect your online accounts over and above just using your username and password. Even if a hacker gets access to your username and password, 2FA will prevent access to your account.

The process is simple, after you login to an account with your username and password, you will be asked to enter a 6-digit code that is refreshed every 30 seconds on your two-factor authentication app. This ultimately prevents unauthorized access to your account even if your password has been compromised.

There are many 2FA applications out there, but NDAX’s favourites are Authy and Google Authenticator. Get instructions on how to activate Authy on your NDAX account here, and instruction on how to activate Google Authenticator here.

To learn more about 2FA read our Advanced Security Systems with 2FA blog where we explore the advantages of using 2FA and highlight the differences between the major 2FA authenticators.


If you still have questions on how you can keep your password secure, feel free to contact NDAX Support Chat.

Did this answer your question?