To ensure your account is as secure as possible, we recommend the following steps to protect your account.
Make sure your email is secure. Your email is the most important connection to NiceHash account. You can use https://haveibeenpwned.com/ to see if your email address has ever been compromised in any security breach. Hackers will try to use your email to log in to crypto related sites, so make sure your email has not been compromised. It is a good practice to have a separate email for financial/crypto related accounts.
NiceHash employees will never ask for your password. Never tell your password(s) to anyone.
We recommend you use a password manager such as KeePass, the free and open source password manager.
Make sure you always use a complex and unique password that is not used on any other website or service.
You can also follow these common guidelines for strong passwords.
We highly recommend the use of 2FA or two-factor authentication security feature, when using important websites or services. This greatly reduces the risk of being hacked online. See this article on how to setup 2FA Security with NiceHash.
Phishing attacks are very common online security threats. Attackers usually set up the same looking website or they send the same looking email with malicious links and malware. Always bookmark important websites and access them only via bookmarks. The only genuine NiceHash website is the one that uses the lock symbol with H-BIT, d.o.o. signed security certificate.
Under your NiceHash account settings, you can manage sessions/devices that you trust. Trusted devices do not require two-factor verification to log in.