Ctrader Security Questions

Created at 05 Mar 2020, 00:46
Subscribe
How’s your experience with the cTrader Platform?
Your feedback is crucial to cTrader's development. Please take a few seconds to share your opinion and help us improve your trading experience. Thanks!
NE

NE539

Follow

Joined 07.01.2020

Ctrader Security Questions
05 Mar 2020, 00:46

I have some security related questions:

1:

It seems there is no 2fa for Ctrader standard login, but you can log in with Google 2fa? But what is the point of that if the standard single password still allows you access? Can you limit login to just google 2fa? Is there a plan to add 2fa?

2:

Is there a way to disable login with the connected email address, and only use the ID for login purposes?

3:

It seems you can only use one Ctrader connected email, so that is the email you have to use for push-notification email alerts? (so someone can reset your Ctrader password if your smartphone (and therefore your connected alert-receiving email) is compromised? (f course with 2fa a stolen smartphone with access would still be a problem but in that event you could at least call the provider immediately after it was missing)

4:

Device access – is it possible to limit access to a specific deviceand/or 'version' (desktop/mobile/web)? There seems to be something like this under 'active sessions' but won't that list just expand if I try to login from a different computer?

5:

In regards to broker access: does a ctrader broker have access to the Ctrader linked account in some way? If compromised, can they freeze it or does Spotware/Ctrader do that?

Also, when I created a Pepperstone demo for my Ctrader ID, Pepperstone initially sent me an email with a supposed password for the demo, but also instructions that I should log in with my Ctrader ID password. They tried to explain this contradiction by saying that the demo creation process was just some automated thing (weird to still have something this nonsensical for a broker that apparently started Ctrader support in 2013?). In my Pepperstone client area, I can change this Ctrader demo 'password' even though it does not work or apparently do anything at all. So to be clear, there is no additional password login for a specific Ctrader linked account, other than the Ctrader ID password?

Kind Regards

@NE539
Replies

PanagiotisCharalampous
05 Mar 2020, 08:27

Hi NE539,

  1. Two factor authentication is not available for cTrader ID but we have plans to add it in the future. There is no option to limit the use to Google only.
  2. No, you can only sign in using your cTrader ID,
  3. When resetting your password, you receive a confirmation email to your registered email address. Also if you try to change your email address, you first need to confirm this with an email received at the original email address. If your email account is compromised, then you need to contact your broker, to link your accounts to a different cTrader ID.
  4. No that is not possible.
  5. Brokers do not have access to your cTrader ID.
  6. Account passwords cannot be used to sign in to cTrader. However they are required if you need to trade via FIX API.

Best Regards,

Panagiotis 

Join us on Telegram


 

@PanagiotisCharalampous
Copyright © 2024 Spotware Systems Ltd. All rights reserved.
The services provided by Spotware Systems Ltd. are not available to citizens or residents of the USA. Neither is the information on our websites directed toward soliciting citizens or residents of the USA.