We work hard to keep your shares and money safe, you can also do a few things to make sure your account is secure.
You’re responsible for creating secure passwords and two-factor authentication (2FA)
Two-factor authentication can prevent 99.9% of cyberattacks and can give you extra protection against hackers, which is why we require you to use 2FA to protect your Hatch account. However, it’s your responsibility to use strong passwords.
We automatically check that your password meets our security requirements in length and complexity, and that it hasn’t been compromised elsewhere in a data breach. If we notice your password does not meet our security requirements, we’ll suggest you update it to be more secure.
Here are other steps for you to make your passwords as safe as you can:
Set up two factor authentication (2FA) during your Hatch account sign-up process. If you don’t have it already, set up 2FA now. This is where you’re asked to enter a unique code generated by an authenticator app, or sent to you via SMS
Make your passwords long and strong - ideally they should be 18 random characters containing upper and lowercase letters, numbers and symbols (Stonks would be cracked instantly in a brute force attack, according to Hive Systems, while %Tgc*(s!Mjz>p0D}r# would take 19 quintillion years!)
Don’t replace letters with digits and symbols, like ‘E’ for ‘3’, or a ‘5” to ‘$’
Create a new, unique password for every separate account and device
Don’t end a password with number ‘1’; any other character increases password strength a hundredfold according to PasswordMonster
Replace passwords with passphrases if a random string of characters is not your thing
Store your passwords on a password manager such as LastPass or 1Password, not on your phone’s notes or on a spreadsheet in the Cloud
Check whether any of your passwords have been involved in a data breach at haveibeenpwned.com and if they have, change them
If you suspect suspicious activity in your Hatch account, let us know immediately. We can disable your account instantly. Or if you have any security related questions, you can email our team at hello@hatchinvest.nz.