Account & Security

Security Best Practices

Keep your account and API keys secure with these recommended practices.

RX
ReconX Team··2 min read

Account Security Basics

Your ReconX account provides access to sensitive breach intelligence. Following these security practices protects both your account and the data you access.

Strong Password Guidelines

Your password is your first line of defense:

  • Length matters most - Use at least 16 characters
  • Avoid common patterns - No keyboard walks (qwerty), no dates, no names
  • Use a password manager - Generate and store unique passwords
  • Check for exposure - Use ReconX to verify your password hasn't been leaked

A passphrase like "correct-horse-battery-staple-42" is both strong and memorable.

Enable Two-Factor Authentication

2FA should be enabled on every ReconX account. It prevents unauthorized access even if your password is compromised. See our dedicated 2FA guide for setup instructions.

Session Security

Protect your active sessions:

  • Log out on shared devices - Never stay logged in on public computers
  • Review active sessions regularly - Check for unfamiliar devices
  • Use secure networks - Avoid accessing sensitive data on public WiFi
  • Lock your screen - Don't leave your session unattended

API Key Security

If you use the ReconX API, treat your keys like passwords:

  • Never commit keys to code repositories - Use environment variables
  • Rotate keys regularly - Generate new keys every 90 days
  • Use separate keys - Different keys for different applications
  • Monitor usage - Watch for unexpected API activity
  • Revoke immediately if compromised - Don't wait to see if it's abused

Recognize Phishing Attempts

ReconX will never:

  • Ask for your password via email
  • Send you links to log in (bookmark the real site)
  • Request your 2FA backup codes
  • Call you about account issues

Always access ReconX by typing the URL directly or using a bookmark.

Secure Your Research

When working with breach data:

  • Don't share findings publicly - Leaked credentials shouldn't be posted online
  • Store downloads securely - Encrypt sensitive exports
  • Delete when done - Remove breach data you no longer need
  • Follow responsible disclosure - Notify affected parties appropriately

Regular Security Checkups

Perform these checks monthly:

  1. Review active sessions and revoke suspicious ones
  2. Check API key usage for anomalies
  3. Ensure 2FA is still active
  4. Update your password if it's been several months
  5. Review notification settings

What To Do If Compromised

If you suspect your account has been compromised:

  1. Change your password immediately
  2. Revoke all API keys
  3. Log out of all sessions
  4. Enable 2FA if not already active
  5. Contact support - We can help investigate
  6. Review your search history - Check for unauthorized activity
Share this article
RX

ReconX Team

Expert in cyber intelligence, threat analysis, and security research. Contributing insights and analysis to help security professionals stay ahead of emerging threats.

Was this article helpful?

Related Articles

Account & Security

Account Settings Guide

2 min read

Account & Security

Two-Factor Authentication

2 min read

Getting Started

Welcome to ReconX

3 min read

Back to Help Center