Security Instructions

We are vigilant in maintaining the security of our website and services.

Maintaining the confidentiality of account information, including login credentials, recovery key, and private keys is the responsibility of the user.

Please refer to our Terms and conditions for more detailed information.

The following actions should prevent the scenarios listed below.

Security instructions

We kindly advise you to follow these guidelines to help secure your account and funds:

  1. Update your GateHub access email security (create and use an email dedicated exclusively for GateHub, use a unique password and enable 2-Factor Authentication for your email).
  2. Bookmark gatehub.net to avoid falling victim to phishing sites. It is also recommended to enable auto-update for your browser.
  3. Update your GateHub login password (make sure to use a strong and unique passphrase). A password manager like LastPass or KeePass can help you generate and store all your passwords.
  4. Enable 2-Factor Authentication for your GateHub account and safely store the 2FA backup code (“Authentication key”).
  5. Make sure your GateHub recovery key and other credentials (i.e. Ripple secret keys) are stored in a safe place (offline storage or paper copies). A password manager can usually be used to store information other than passwords safely. We advise against saving your sensitive information in your email or any other online storage.

In the event of a detected security breach, we advise you to create a new GateHub account and transfer any remaining funds to a new Ripple or hosted wallet.

Possible scenarios

A user email account is compromised.

  • User email is compromised and attackers are able to extract the account or wallet credentials (recovery key, Ripple secret key).

A GateHub account is compromised.

  • User credentials are entered at a phishing website which allows attackers access to an account.
  • User email is compromised and attackers are able to extract login information.
  • User security settings are too weak (password strength, disabled 2FA).

A Ripple secret key is compromised.

  • A Ripple secret key is stored and/or shared online.
  • Whoever owns a Ripple secret key has full control over the contents and actions of a Ripple wallet. By using a Ripple secret key, a Ripple wallet may be manipulated outside of GateHub or within another GateHub account.