Protecting your Uphold wallet
Your Uphold wallet is the gateway to your digital assets. Protecting access requires a combination of secure credentials, multi-factor authentication, device hygiene, and vigilance against fraud. Use a strong unique password — one that you don’t reuse on other services — and pair it with a second factor such as an authenticator app (TOTP) or a hardware security key for the highest assurance.
What to do if you suspect suspicious activity
If you notice unexpected transactions or sign-in attempts, immediately change your password, revoke active sessions from your account settings, and contact support. Keep records of transaction IDs and timestamps. Temporarily pause automated transfers where available, and move remaining funds into a cold storage wallet if you control private keys elsewhere. Prompt action limits exposure.
Common attacks and how to avoid them
Phishing remains the most common vector for account compromise. Always verify URLs, check for HTTPS and valid certificates, and never enter credentials from links in unsolicited messages. Beware of fake support numbers and social-engineering attempts. Do not share verification codes or private keys with anyone; legitimate services never ask for them in chat or email.
Best practices for long-term safety
Regularly review your device security: keep operating systems and browsers up to date, use reputable antivirus tools, and lock your device with a strong passcode. Consider a hardware wallet for significant holdings and maintain encrypted backups of any recovery phrases you control. Store recovery material offline and in multiple secure locations.
Understanding session and device management
Modern wallet platforms let you view active sessions and authorized devices. Periodically check this list and revoke any unfamiliar sessions. Signing out remotely and rotating API keys, if used, are useful mitigations after a potential compromise. Short session lifetimes reduce risk if a device is lost or stolen.