Why do I need to set a secret phrase?

A Secret Phrase can help you verify that you are using authentic StellarTerm website and save you from phishing attacks. 

It is saved locally in your browser, and should always be present on the login page of StellarTerm.

What is a phishing attack?

Phishing is a type of social engineering attack often used to steal user data, including login credentials and credit card numbers. It occurs when an attacker, masquerading as a trusted entity, dupes a victim into opening an email, instant message, or text message.

Example of a phishing attack:

1. A user gets a message promising easy money on social media or via email.

2. The message/post usually contains the link to the fake StellarTerm website disguised to look like a normal website so a user won't notice.

For example, such websites often have an extra letter or a Unicode symbol to its name: stelllartérm.com 

Always make sure you are on the correct website and don't follow links that look suspicious. 

3. A user opens the fake StellarTerm website and inserts a secret key into the input field.

4. Money is gone.

The Secret Phrase could be configured by following these steps:

1) Open the 'Access your account' page and click on the 'Configure Secret Phrase' button

2) In a pop-up window click on the 'Generate' button and then save your phrase

3) Secret Phrase will appear on the 'Access your account' page every time you log in

Another effective way to protect your Stellar account from phishing is to enable multisignature protection.

We also recommend following the official StellarTerm Twitter and Medium accounts to receive reliable information on the service.