The Kriptomat team takes security extremely seriously. That is why we have implemented multiple organizational and technical security measures. Having that in mind, we prepared some security recommendations for you, and we suggest that you follow them:
Use unique credentials for both Kriptomat account and email account
We can’t stress this enough: please do not reuse the password for your Kriptomat account anywhere else. Apart from being unique, your password should be complex and changed periodically (e.g on every two months).
You can go even further: create an email account that will be used only for purposes related to Kriptomat.
Enable Google 2FA
Google two-factor authentication (2FA) is considered a slightly more secure than 2FA based on SMS. You should use this security measure on your email account that you use for Kriptomat as well.
Communication with our customer support
Kriptomat Team members will never ask you to install any applications on your device. The only exception here is that we recommend you to install the Google Authenticator app on your mobile device in order to enable Google 2FA.
At the moment, the only channel that we use for customer support is our chat. This means that we will never contact you via phone. If someone contacts you via phone, they are an impersonator. Please contact us immediately if that happens.
Our official social media accounts are:
Beware of fake websites - possible clones of Kriptomat
Simply bookmark this URL: https://app.kriptomat.io/login and use that bookmark to access Kriptomat. If you find a website that is pretending to represent Kriptomat (this is called a phishing attempt), please let us know immediately.
Kriptomat allows you to see data about every login session made to your account. Navigate to the Settings > Security section where you can see information about time, location, IP address and the used browser for each sign-in and sign-out made on your account.