The default security
STEX is committed to securing users data and funds, to accomplish this STEX offers you an entire security control centre. Read more about the security to stay safe.
Change the password
If you reset your password, our system automatically blocks the funds withdrawal for 48 hours. These actions are carried out for your account security.
New device (browser/ IP address) login message
When you login to account from a new device/ browser/ IP address, you will always receive a notification in your email. If it wasn’t you, the instant account freeze option is available in the email or you can contact the STEX support team.
Terminate all active sessions
This method will allow you to logout all possible attackers from your account. By pressing the button, only your session will remain active. Here you can see a list of all devices and browser that have accessed your account, and if you see a device you don't recognise, you can log out your STEX account from all other devices, leaving only your login session active.
To do this, go to “Profile”. In the sidebar ''Menu'', select “Account settings” and scroll down the page, then click on “Terminate other sessions”.
For enhanced security, a login session lasts 12 hours, then you will be automatically logged out.
The latest activity (Authorization history)
Here you can also monitor your login history.
To do this, go to “Profile”. In the sidebar “Menu”, select “Account settings” and scroll down the page, on the left you will find “Authorization history”.
If you see a device or a web browser you do not recognise please write to support or use "Terminate other sessions" options.
Individual account security settings
Here you can choose the most appropriate option to improve your account security. You can use one or more options together.
If you are not able to login and get an error message, you can find a solution to the problem here.
Allow to login from IPs
You can turn on the list of IP addresses from which you can login. Your STEX account cannot be logged in from any other IPs outside this list.
To do this, you should go to “Profile”, select “Account settings” tab and click on “Activate” next to the corresponding line.
Then you should enter the list of IP addresses via ‘ ; ’
Web Authentication with Security Key
Universal WebAuthn (Web Authentication) is a web standard published by the World Wide Web Consortium (W3C). WebAuthn is a core component of the FIDO2 Project under the guidance of the FIDO Alliance that strengthens and simplifies two-factor authentication using a specialized NFC, built-in platform biometric sensors, Bluetooth Low Energy, or a USB security device such as the Yubikey, Ledger or Trezor Wallet.
A WebAuthn (Web Authentication) can be used as an additional method of strong, easy to use, and a highly private second factor of verification before performing logins and confirming withdrawals.
Email Encryption (PGP) is a data encryption and decryption program that provides cryptographic privacy and authentication for data transmission. It uses a variation of the public key system.
The instruction on how to set up it, you can find here.