Crypto Fortune
Get started
Trust & Safety

Security Center

How we protect your account, your funds, and your data — and how you can help.

Hashed passwords

Passwords are stored using bcrypt, a one-way hashing algorithm. We never see your password in plain text and cannot recover it for you.

Encrypted transit

All traffic is served over TLS. Sensitive form fields are never sent in clear over the network.

KYC on a private disk

Identity documents are stored on a non-public disk with restricted access. They are used only for verification and not shared with third parties.

Email verification

New accounts must verify their email before they can use the platform — preventing typos and abuse of others' email addresses.

KYC-gated withdrawals

Withdrawals require approved identity verification, which adds a layer of protection if your account is ever accessed without permission.

Manual withdrawal review

Every withdrawal request is reviewed before funds leave the platform. Suspicious patterns are flagged and pause processing.

Transaction ledger

Every deposit, withdrawal, trade, and yield event is logged on your account ledger and is auditable by you at any time.

On-chain confirmations

Crypto deposits only credit after the required number of on-chain confirmations are observed by our payment provider.

What you should do

  1. Use a strong, unique password — at least 12 characters, not reused on any other site. A password manager makes this easy.
  2. Watch out for phishing — we will never ask for your password, seed phrase, or 2FA code by email or chat. Always check the URL before signing in.
  3. Verify your withdrawal address twice — crypto transactions are irreversible. Always copy-paste, never retype, and double-check the first and last four characters.
  4. Keep your email account secure — your email is your account recovery channel. Protect it with a strong password and 2FA.
  5. Report anything suspicious — if something doesn't look right, use Report Abuse immediately.

Responsible disclosure

Found a vulnerability? Email security@fortunecrypto.us with a clear description and reproduction steps. Please do not publicly disclose the issue until we've had a reasonable chance to investigate and fix it.