Segurança
Autenticação de dois fatores, sessões, phishing, PGP e proteção dos seus fundos.
Artigos (10)
How do I enable two-factor authentication (2FA)?
Profile → Security → Enable 2FA. Use an authenticator app (Aegis, Google Authenticator, 1Password) — never SMS.
How do I recognize Cinoslots phishing attempts?
Phishing sites mimic our login page on lookalike domains. Always check the URL and look for the official 'verified' badge in your browser.
What are 2FA backup codes and how do I use them?
8 single-use codes printed when you enable 2FA. Save them offline — they're your fallback if you lose your phone.
How does Cinoslots store player funds?
98% of player funds are in offline cold storage with multi-sig. Hot wallet holds only what's needed for the next 24h of withdrawals.
My account is locked — how do I unlock it?
Most lockouts are 30-minute auto-cool-offs after failed login attempts. Permanent locks need manual review with ID.
How do I see and revoke active sessions?
Profile → Security → Active sessions shows every device logged in. Sign out anything you don't recognize, then change your password.
What is address poisoning and how do I avoid it?
Malware or copy-paste attacks that swap your destination address with the attacker's. Always verify first 4 + last 4 characters.
Can I lock my account to only withdraw to specific addresses?
Yes — Profile → Security → Withdrawal allowlist. Adds a 24h cool-off when modifying the list, blocking takeover drainage.
What is a trusted device and should I mark mine as trusted?
Skips 2FA prompt on a specific device for 30 days. Use ONLY on personal devices you fully control.
What is the Cinoslots PGP key and when should I use it?
Use it to encrypt sensitive emails to [email protected] (bug reports, KYC documents). Available at /pgp-key.txt.