Our November security update

A new security update will be released in november 2018. In this update there will be major changes on how you log into our exchange. Most of these changes will make logging in much safer for our users. Also signing up will be a bit different. All this will be explained in the following article, as well as:

• More details about what exactly will change about logging in
• Why we use this perticular process
• What will happen to registered accounts and new registering accounts

Logging in

Logging in will be different from November 2018 onwards. The standardized login page will be replaced with a brand new, step method wise, interface.

It will look a bit different than the old/usual one.

For starters, the new one will have no register panel. It will mainly focus on logging into your account in the safest method we are able to. With the clean makeover there will be no distractions whilst logging in. You can solely focus on your credentials.

The new login requires you to log into your account in difference steps. (More about this in the future as we are still announcing these features on Twitter)

Signing up

For the new users, signing up will be mostly the same. Only some small things will change. The most noticeable thing will be that usernames are less free, due to usernames being a second identifiers for our server (So never share these) Usernames can be considered a second password, but not as strong. They should be, however, clear and remember able. But together with a username and email you could reset an account’s password (taking into account they have access to that email address)
So to meet all these criteria, usernames must meet the following criteria:

• Usernames must be 5 or more characters long
• Usernames must be less than 32 characters long
• Usernames must only contain letters, numbers, — or _
• Usernames must only lower case
• usernames can not end in a — or _

RIGHT: d0rity_spr1nkles-3
WRONG: D@RitY*SPR|NKELS_
Although password wise, it would suffice

Further more, signing up now requires you to first confirm your email before logging you in. In the past we have restricted you access to your portfolio before you confirmed your email address. This was a small security issue, and so we decided to change this. Now before you can even log in, or access any authentication functions, you have to confirm you given email address. Afterwards you start your (first) log in process.

Difference

For already existing users, nothing much should have changed. Apart from a new login interface, the username/email and password credentials authentication method should not have changed in any way. They are still in practice. There is one exception however. For usernames that do not meet our new username policy. We shall try to modify their account’s username that to one that do fit our criteria. A fitting email will be sent to the user with information about their username change.

More information

More information about our new features will be coming soon. Keep up with us in our Twitter Feed. Consider following us for all the latest updates on our exchange.

If you have any questions regarding the new security update or this article in particular. Don’t hesitate to to contact us. You can do so via our helpdesk/threading system if you are logged in. Or with our contact form. Although threads are much easier to converse, so consider creating an account.