Keeping Your Account Secure

Password Best Practices

Your password is the first line of defense for your account. Follow these best practices:

• Use a strong, unique password that you do not use on other websites.
• Include a mix of uppercase letters, lowercase letters, numbers, and symbols.
• Avoid using personal information (name, birthday, etc.) in your password.
• Consider using a password manager to generate and store secure passwords.
• Change your password immediately if you suspect unauthorized access.

Recognizing Phishing & Scams

Be aware of potential scams:

• Wax Trader will never ask for your password via email or message.
• We will never ask you to complete a transaction outside of the Wax Trader platform.
• Be cautious of emails that create urgency or threaten account suspension — always verify by logging in directly through waxtrader.io.
• Never click on suspicious links. When in doubt, go directly to waxtrader.io in your browser.

Secure Transactions

All transactions on Wax Trader are protected by:

• TLS encryption for all data in transit.
• PCI Level 1 compliant payment processing through Stripe.
• CSRF protection for all state-changing operations.
• Secure session management with automatic timeout.

Account Recovery

If you forget your password or get locked out of your account, use the "Forgot Password" link on the login page. You will receive a password reset email. If you no longer have access to your email address, contact our support team for assistance with account recovery.

Report Suspicious Activity

If you notice any suspicious activity on your account (orders you did not place, messages you did not send, address or payment changes you did not make), change your password immediately and contact our support team.