Sign-in Overview and Best Practices
Why a secure login matters
Protecting your account protects your funds, personal identity, and transaction history. A secure sign-in reduces the risk of unauthorized access and fraud.
Multi-factor authentication (MFA)
Enable MFA (also called two-factor authentication) — ideally an authenticator app (TOTP) or hardware key — to add a second layer beyond your password. SMS-based codes are better than nothing but less secure than an authenticator or security key.
Password strategy
Use a long, unique password that you don’t reuse across sites. A password manager helps generate and store complex passwords. Aim for a passphrase or a string of at least 12 characters containing mixed character types for maximum resilience.
Recognizing phishing attempts
Phishing messages try to trick you into revealing credentials. Look for mismatched sender addresses, generic greetings, urgent or threatening language, or links that don’t match the expected domain. When in doubt, navigate directly to the official site or use your bookmarked link rather than clicking an email link.
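The domain check described above, as an added example that is not part of the original page: it shows why a link can contain the expected name and still point elsewhere. The domain `example-bank.test`, the function name, and the sample links are constructed for illustration, and the expected domain is assumed to be plain ASCII.

```python
from urllib.parse import urlsplit

EXPECTED = "example-bank.test"  # hypothetical official domain (assumption)

def link_matches_domain(url: str, expected_domain: str = EXPECTED) -> bool:
    """True only if the link is https and its host is the expected
    domain itself or a subdomain of it."""
    try:
        parts = urlsplit(url.strip())
        host = parts.hostname  # excludes any "user@" prefix and the port
    except ValueError:
        return False  # malformed URL: treat as a mismatch
    if parts.scheme != "https" or not host:
        return False
    host = host.rstrip(".").lower()
    expected = expected_domain.rstrip(".").lower()
    # Non-ASCII or punycode labels can render as lookalike characters.
    # Assumption: the expected domain is ASCII, so these never match.
    if not host.isascii() or any(l.startswith("xn--") for l in host.split(".")):
        return False
    # Compare on a label boundary: the host must end in ".<expected>",
    # not merely contain or end with the expected text.
    return host == expected or host.endswith("." + expected)

# Constructed sample links (not taken from any real message).
SAMPLES = [
    "https://example-bank.test/signin",            # exact domain
    "https://login.example-bank.test/reset",       # genuine subdomain
    "https://example-bank.test.evil.test/signin",  # expected name used as a subdomain
    "https://example-bank.test@evil.test/signin",  # expected name in the userinfo part
    "https://secure-example-bank.test/signin",     # different domain with a prefix
    "http://example-bank.test/signin",             # right host, no TLS
    "https://ex\u0430mple-bank.test/signin",       # Cyrillic "a" lookalike
]

def classify(links):
    """Map each link to 'match' or 'MISMATCH' against EXPECTED."""
    return {u: "match" if link_matches_domain(u) else "MISMATCH" for u in links}

if __name__ == "__main__":
    for url, verdict in classify(SAMPLES).items():
        print(f"{verdict:9} {url!r}")
```
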
Account recovery and contact procedures
Keep your recovery email and phone number up to date. If you lose access, follow official account recovery instructions: provide requested identity info only through the secure channels described in the platform’s help center. Never share verification codes or full documents via public channels or unsolicited emails.
Device trust & session management
Only select “Remember this device” on devices you control. Regularly review active sessions and sign out of devices you no longer use. Be cautious when using public or shared computers—avoid “remember me” on those devices.
Privacy and permissions
Platforms may request permissions for notifications or location. Grant the minimum permissions required for features you intend to use and review privacy settings periodically.
Quick troubleshooting
- Forgot password — use the "Forgot password" flow to reset via your recovery email.
- Sign-in blocked — check your email for an alert; follow platform instructions and contact support if necessary.
- Suspicious activity — immediately change your password, revoke sessions, and enable MFA if not already enabled.