Session & Account Controls
Use built-in session management to see active devices and revoke sessions when necessary. Keep an eye on login alerts and withdrawal notices.
Best practices
- Enable two-factor authentication (TOTP or hardware key).
- Use strong passwords and a reputable password manager.
- Enable withdrawal whitelists if available for added safety.
API & Integrations
If using APIs or third-party integrations, grant minimal scopes and rotate keys periodically. Limit IP ranges if the platform supports it.
Device hygiene
Keep the primary trading device patched, avoid browser extensions you don't trust, and use dedicated hardware for large-value operations.