Security Best Practices
We encourage turning on Two-Factor Authentication (2FA) to add an additional layer of security to your account. 2FA helps protect your account by requiring two sources of verification to sign in to your account: something you know (your password) and something you have (a one-time code). Every time you log in or make changes to your account, you’ll be prompted for a verification code. This step helps protect your account, even if someone knows or guesses your password.
We highly recommend using an authenticator app as your preferred 2FA method. Text messages rely on your phone number, which is more vulnerable to certain types of attacks. Authenticator apps generate your verification codes directly on your device. They're accessible even if you're traveling to a place with weak or no cellular service.
We encourage you to set up 2FA for all your online accounts—especially for the email associated with your Robinhood account and your phone provider.
One of the most important things you can do is use a strong password for your Robinhood account. A strong password:
A great way to make a strong password is to use a passphrase that’s easy for you to remember, but difficult for others to guess. You can also consider using a password manager to create and store strong passwords as well.
Never share your password. If you’ve shared your Robinhood credentials with anyone else or if you use the same password for a different online account, please change your password immediately and enable 2FA for your Robinhood account.
Device Monitoring allows you to view and manage every device that has been used to log in to your Robinhood account.
To view your devices in the app:
It’s important to remain vigilant and keep an eye on your activity. We recommend regularly reviewing the listed devices and removing any you don’t recognize or no longer use. If you see activity that you don’t recognize or didn’t authorize on your account—or have any other reason to believe it has been compromised—contact Robinhood Support immediately by emailing firstname.lastname@example.org or by requesting a call from a live agent within the Robinhood app.
You can also choose to secure your account, which logs you out of your account on all of your devices and requires you to reset your password. Note that it will also restrict your ability to withdraw funds from your account until you verify your identity, which you’ll do by re-uploading a photo of your ID.
Scammers can target any account, and learning how to identify scams can help you safeguard your information.
Phishing is a common way scammers try to target you in order to obtain sensitive information, such as your username and password, account information, or Social Security number. A scammer may call, email, or text you, or even reach out to you via social media, pretending to be someone from Robinhood or another company or authority you know or trust. Remember that scam websites, links, and social media profiles may look similar to real websites or profiles you recognize.
Robinhood Support will never do the following: