Safety and security are key components that have been integrated into the Bullish user experience. That said, no security is perfect, and there are instances outside of Bullish’s control which may put your account at risk.
Beware of scams
- Our Customer Support team and any other Bullish employee will never ask for your password or any other information required to log into your account.
- Keep your account details private and do not share them with anyone.
- If you are asked to provide such information by an unknown party, please reach out to our Customer Support for assistance.
Only transfer funds to addresses you trust
- For added security and peace of mind, we strongly suggest you only transfer assets to an external wallet that is either your own or a recipient’s whose identity you trust to avoid having your funds potentially stolen.
- When depositing or withdrawing funds, make sure to double-check that all entered information is correct before proceeding.
- In the event you may have entered the wrong deposit details to transfer assets from your external wallet into your Bullish account, refer to Using an incorrect wallet address to deposit or withdraw assets.
Do not log into your account using a public or shared device
- If you must log into your Bullish account using a shared device, ensure that only you have the access to both your password and your two-factor authenticator. To learn more about how to register a passkey or a TOTP authenticator to your account, refer to Managing your two-factor authenticators.
- We recommend you log out of your account and close your browser every time you exit the exchange. You will automatically be logged out after 24 hours and required to log back in.
- Last, make sure your device(s) and browser are running the latest updates and regularly scan for potential viruses and malware, using trusted anti-virus and anti-malware software.
Secure your email account
- Enhance the security of the email account associated with your Bullish account.
- Use a strong passphrase or password including various characters, and store it with a password manager whose reputation and track record you trust.
- Enable multi-factor authentication if your email provider offers it.
- Do not allow anyone else access into your email account.
- If you must use a public device, do not choose the Remember me on this device box when you log into your email.
Keep track of your authentication devices
- If you are using an external hardware passkey to log into the exchange, such as YubiKey®, make sure to keep a close eye on it and that only you know it is stored when unused.
- Learn more about which external hardware passkeys you can use.