Keeping your Robinhood Account Secure
As our world becomes even more digitally connected, bad actors are increasingly looking to gain access to personal information and digital accounts across the industry.
At Robinhood, the safety, security, and reliability of our platform are top priorities. We’re constantly working to ensure that we provide an easy to use platform and a great customer experience with the controls, infrastructure, and operations needed to ensure Robinhood is one of the safest places for investors to build their financial futures. And participation is power: there are steps you as a customer can take today to better keep your account safe.
How you’re protected
To help protect your account, we automatically secure all Robinhood accounts with Trusted Devices—a layer of security that requires you to enter an additional verification code when signing in from a new device, such as a new phone or laptop. Our security team works to identify and remove bad actors trying to steal credentials from our customers and we are building advanced detection technology designed to identify attackers before they cause harm or disruption. We offer many industry-standard, high-level measures to protect your account. And we want to share those with you here.
- Your account password is hashed using the industry-standard BCrypt hashing algorithm, and it’s never stored in plaintext.
- Sensitive details, such as your Social Security number, are encrypted before they’re stored.
- Our mobile and web applications securely communicate with our servers using the Transport Layer Security (TLS) protocol with up-to-date configurations and ciphers.
- Once we verify your banking credentials, we’ll never access them again. We use trusted third-party integrations to access information about your bank account, such as your account number and available balance.
- Once we determine that someone has taken over your account, we prevent unknown devices from accessing your cash.
What you can do
Of course, the best defense is always our informed, vigilant customers. There are several steps you can take to protect yourself and your information:
- Enable Two-Factor Authentication (2FA) to add an additional layer of security to your account.
- Use a strong password for your Robinhood account, and consider using a password manager to generate and store your passwords. Keep your Robinhood account credentials private, including your username and password, and make sure you don’t use this password for any other app or service. A strong, unique password can mean the difference between a safe and a vulnerable account. You can review our tips on strengthening your password here.
- Device Monitoring allows you to view and manage every device that has been used to log in to your Robinhood account. Check your devices for any you don’t recognize and report unauthorized activity to us as soon as possible. If you notice any unusual or fraudulent activity, remove the suspect device and secure your account so we can help.Securing your account logs you out of your Robinhood account on all devices and requires you to reset your password. Note that it will also restrict your ability to withdraw funds from your account until you verify your identity, which you’ll do by re-uploading a photo of your ID.
Finally, keep in mind that Robinhood Support will never do the following:
- Send you links within text messages.
- Ask you to send money through different apps such as CashApp or WhatsApp or via text messages.
- Ask you for your account password or Two-Factor Authentication (2FA) codes.
- Ask you for information or credentials regarding your accounts on other trading platforms or services.
- Request that you download remote desktop access software.
Understanding how attackers can get access to your information is one of the most important parts of knowing which steps to take to protect yourself and your information. Learn how to identify scams to help safeguard your information.