Account protection: Difference between revisions

From xat wiki
mNo edit summary
No edit summary
(36 intermediate revisions by 9 users not shown)
Line 3: Line 3:
<translate>
<translate>


==xat Account Protection== <!--T:11-->  
<!--T:39-->
This article will provide you with information on different security settings on xat and how they work. Although these security settings can increase your account's security, you should not rely on them completely. We also have other [[:Category:Security|security guides]] you may want to check.


<!--T:3-->
<!--T:40-->
Account Protection is activated '''on all xat accounts''', however it can be disabled on the login page. When xat notices a login from a different location, it requires you to use a special link that is emailed to you.  
'''IMPORTANT:''' xat staff or [[<tvar|1>Special:MyLanguage/volunteers</>|volunteers]] will '''never''' ask you to turn off account locking, nor any other security feature. If anyone asks you to turn off account locking, they could be trying to access your account and steal your xats/days/powers.


<!--T:24-->
===5-day hold=== <!--T:9-->
This system has been put in place to prevent unauthorized users from gaining access to your account. The special link changes every time you login, so you don't need to save them.


<!--T:4-->
</translate><span id="hold"></span><translate>
As an extended layer of protection, xat has integrated Google Authentication. This generates a random code sent to your cell phone for each time you login to your account. See [http://util.xat.com/wiki/index.php/Authentication Authentication] for more information.


===Remember:=== <!--T:12-->
<!--T:10-->
If xat detects irregularities in your account and suspects [[<tvar|1>Special:MyLanguage/Phishing</>|phishing]] on your account, you may be blocked from transferring and trading for 5 days. This allows you time to fix the problem and prevents phishers from transferring away your xats or days. This can not be deactivated and applies to all accounts.


<!--T:6-->
==Account Protection== <!--T:11-->
*Never use the same password for your email and your xat ID. Change your password every three months.


<!--T:7-->
</translate><span id="protection"></span><translate>
*Never share the login links xat emails you.


<!--T:8-->
<!--T:3-->
*If someone offers you free xats or free promotion they are probably a scammer.
This option is activated on all user accounts by default and can be disabled at the login page. When xat notices a login from a different location, you are required to log in through a link sent to the email account that you used to create your xat account.  


===5 days hold=== <!--T:9-->
<!--T:24-->
This system has been put in place to prevent unauthorized users from gaining access to your account. The special link changes every time you log in, so you don't need to save it. If you randomly receive a login link via e-mail when you have not attempted to log in, you should immediately change your account password.


<!--T:10-->
<!--T:41-->
If xat detects irregularities in your account and suspects [[Phishing]] on your account, it may be blocked from transferring for 5 days. This allows you time to fix the problem and prevents phishers from transferring away your xats or days. This can not be deactivated and applies to all accounts.  
'''Please note, before disabling this setting, that a 3-day hold will be placed on your account if you do choose to disable it.'''


=Account Locking= <!--T:13-->
==Account Authentication== <!--T:42-->


<!--T:14-->
</translate><span id="authentication"></span><translate>
If you only use your xat account at home you can turn on account locking. This will make it a lot harder for unauthorized users to gain access to your account.


<!--T:15-->
<!--T:4-->
'''IMPORTANT:''' xat staff will never ask you to turn off account locking. If anyone asks you to turn off account locking they are trying to access your account and steal your xats/days/powers.  
As an extended layer of protection, xat has integrated Google Authentication. Authentication is not activated by default and must be manually enabled by users. Google Authenticator will generate random codes that will give you access to your account. In order to encourage users to enable this setting and protect their accounts, this has been made a requirement for [[<tvar|1>Special:MyLanguage/Tickle</>|Tickle]] power.  


<!--T:25-->
<!--T:43-->
'''Note:''' If someone is claiming to be a xat staff, open a [[ticket]].
See the [[<tvar|1>Special:MyLanguage/Authentication</>|Authentication]] article for more information on this feature.


<!--T:16-->
==Account Locking== <!--T:13-->
If you moved locations or change Internet Providers, you must turn off locking before you login on the new internet/service provider.


<!--T:17-->
</translate><span id="locking"></span><translate>
You shouldn't rely 100% on Account Locking. You still need to protect your passwords, see: [[Phishing]]


===Instructions on how to enable/disable xat Account Locking=== <!--T:18-->
<!--T:44-->
Login [http://xat.com/login here], then click the drop down next to ''"xat account locking"'' and choose '''On (locked)''' to enable or '''Off (not locked)''' to disable.
When you have this option enabled, xat will block any login attempts that are not coming from your home location. You can only log in from your home location, no matter what. To enable this setting, you must be at your home location. If you have moved locations or changed your internet service provider (ISP) since you registered, you will need to request a location update via ticket.


===Frequently Asked Questions=== <!--T:19-->
===Frequently Asked Questions=== <!--T:19-->
'''Q. What happens if I have account locking on and I try to login into another computer elsewhere?
 
</translate><span id="faq"></span><translate>
 
<!--T:38-->
'''Q. What happens if I have account locking on and I try to log in to another computer elsewhere?


<!--T:26-->
<!--T:26-->
You will be unable to login. (PLEASE TURN OFF LOCKING IF YOU PLAN TO MOVE OR TRAVEL.)
You will be unable to log in. Make sure to turn off account locking if you are planning to travel or move.


<!--T:20-->
<!--T:20-->
'''Q. What if I have a dynamic IP, can I still login with account locking enable? Will it adjust to my dynamic IP?
'''Q. What if I have a dynamic IP; can I still log in with account locking enabled? Will it adjust to my dynamic IP?


<!--T:27-->
<!--T:27-->
Some reports say this doesn't work. It depends on how your dynamic IP is setup. We recommend not risking it!
In some cases, account locking doesn’t work with dynamic IPs. It depends on how your dynamic IP is setup. It is not recommended to use account locking if you have a dynamic IP.


<!--T:21-->
<!--T:21-->
Line 66: Line 66:


<!--T:28-->
<!--T:28-->
Go to http://xat.com/ticket and open a ticket with "Help Topic" set to "Locked Out". For a more detailed tutorial on how to do so please see [[LockedOut]].
Go to <tvar|2>https://xat.com/ticket</> and open a ticket with the Help Topic set to "Locked Out". For a more detailed tutorial on how to do so, please see the '''[[<tvar|1>Special:MyLanguage/Locked out</>|Locked out]]''' guide.


<!--T:22-->
<!--T:22-->
Line 72: Line 72:


<!--T:29-->
<!--T:29-->
Account Locking depends on where your location is. If you take your laptop etc. to another location (like cafe) you will be locked out.
Account Locking depends on where your location is. If you take your laptop or other device to another location and attempt to login to your account, you will be locked out.


<!--T:23-->
<!--T:23-->
'''Q. Why can't I turn on locking?
'''Q. Why am I unable to turn on account locking?


<!--T:30-->
<!--T:30-->
This happens if you try to lock your account away from where you registered. Ask http://xat.com/ticket to update your location.
If you moved locations after enabling account locking on your xat account, open a [<tvar|1>https://xat.com/ticket</> ticket] with the Help Topic set to "Location Update".


</translate>
</translate>
[[Category:Security]]
{{Category|Security}}

Revision as of 17:53, 26 December 2018

This article will provide you with information on different security settings on xat and how they work. Although these security settings can increase your account's security, you should not rely on them completely. We also have other security guides you may want to check.

IMPORTANT: xat staff or volunteers will never ask you to turn off account locking, nor any other security feature. If anyone asks you to turn off account locking, they could be trying to access your account and steal your xats/days/powers.

5-day hold

If xat detects irregularities in your account and suspects phishing on your account, you may be blocked from transferring and trading for 5 days. This allows you time to fix the problem and prevents phishers from transferring away your xats or days. This can not be deactivated and applies to all accounts.

Account Protection

This option is activated on all user accounts by default and can be disabled at the login page. When xat notices a login from a different location, you are required to log in through a link sent to the email account that you used to create your xat account.

This system has been put in place to prevent unauthorized users from gaining access to your account. The special link changes every time you log in, so you don't need to save it. If you randomly receive a login link via e-mail when you have not attempted to log in, you should immediately change your account password.

Please note, before disabling this setting, that a 3-day hold will be placed on your account if you do choose to disable it.

Account Authentication

As an extended layer of protection, xat has integrated Google Authentication. Authentication is not activated by default and must be manually enabled by users. Google Authenticator will generate random codes that will give you access to your account. In order to encourage users to enable this setting and protect their accounts, this has been made a requirement for Tickle power.

See the Authentication article for more information on this feature.

Account Locking

When you have this option enabled, xat will block any login attempts that are not coming from your home location. You can only log in from your home location, no matter what. To enable this setting, you must be at your home location. If you have moved locations or changed your internet service provider (ISP) since you registered, you will need to request a location update via ticket.

Frequently Asked Questions

Q. What happens if I have account locking on and I try to log in to another computer elsewhere?

You will be unable to log in. Make sure to turn off account locking if you are planning to travel or move.

Q. What if I have a dynamic IP; can I still log in with account locking enabled? Will it adjust to my dynamic IP?

In some cases, account locking doesn’t work with dynamic IPs. It depends on how your dynamic IP is setup. It is not recommended to use account locking if you have a dynamic IP.

Q. I am locked out! Now what?

Go to https://xat.com/ticket and open a ticket with the Help Topic set to "Locked Out". For a more detailed tutorial on how to do so, please see the Locked out guide.

Q. If I have a laptop, can I always stay logged in?

Account Locking depends on where your location is. If you take your laptop or other device to another location and attempt to login to your account, you will be locked out.

Q. Why am I unable to turn on account locking?

If you moved locations after enabling account locking on your xat account, open a ticket with the Help Topic set to "Location Update".