🔐Account Security

Use our official website to create your account and set up a strong password to protect it.

Creating a Sandbox Account

Creating an account at The Sandbox is quick, easy, and simple. However, you should be aware of fake websites that try to look similar to the real thing in order to trick you. Although The Sandbox does utilise a dedicated service that hunts down these fake websites and gets them removed as soon as possible, it is still possible that you may run into one of these fakes.

The Sandbox Game's Official Website

The only legitimate web address for The Sandbox's official website, including its marketplace, NFT claims, Alpha Seasons, Contests, and Staking pages is: https://www.sandbox.game.

A Decentralized Gaming Metaverse Made By Players.The Sandbox

Choosing a Strong Password

It is important to create a strong password for all of your online accounts, not just your Sandbox account.

Passwords should not contain any information which can be guessed or found easily on social media and so forth, such as dates of birth, anniversary dates, family names, children's names, favourite sports teams, pet names, favourite celebrities/films/books and so on.

Weak Passwords

Did you know that roughly half of all passwords in existence are very easy to guess? This is done usually by "social research", which is the act of someone tracking you down on social networks, and then learning what your favourite things might be, or what your family member's birthdays are, and so on.

• Numerous passwords on the internet are composed of a name or a favourite thing, such as the name of a pet, family member, or a sport team, to give three examples.

• If the platform requires a number to be in the password, many people add the number 1 on the end of it, or a family member's birth year.

• If the platform also requires a symbol to be in the password, a shocking number of people will just add an exclamation mark on the end of it.

• So, unfortunately, many people's passwords look something like either Fido, Fido1, Fido2022, or Fido1!. This is a weak password that is far too easy for a skilled shady person to crack.

Choosing a Strong Password

• A strong password contains a mixture of uppercase and lowercase letters.

• A strong password also contains numbers and symbols.

• A decently strong password is a minimum of eight characters long.

• Whereas a very strong password is a minimum of ten to twelve-plus characters long.

• Mix your numbers and symbols in with the lettering parts of your password, as opposed to sticking them on the end.

• Your password can be a memorable phrase that you made up that incorporates symbols and numbers in it.

• Do not write down your password "as is". This includes on paper, on your phone, or, worse, on the computer itself. You could if you need, however, write a hint for yourself somewhere.

• Do not tell anyone your password. There is absolutely no reason why anyone else would need to know your password, even for customer support purposes.

• Do not use the same password on multiple platforms. For example, if someone cracks your social network account password, they are going to try that same password everywhere else - PayPal, Amazon, Ebay, other social networks, The Sandbox, and so on.

Strong Password Examples

Do not use these exact examples as your password. This is a public page. Use these examples to help you to come up with your own unique password.

Decently Strong

• YuMMy-T3a

• P1nkR@bb1tZ

• B3rRyJu1(e

• F1sH/Pi3

• $w1m-2me

• Gb6Y?p9@M

Very Strong

• [OMG!]Z0mB1es_At3-MY-TurTle!

• [Te@](is)VERY-_d31ici0us(YuM!)

• but!WHY-is--tH3(j@m)g0N3?!

• The-BlUe_K0ALa-DrANk[my]Gr@peJuic3!

• $ome^ONE*$t0lE[my]$weetR0LL(ag@iN]

• Li0N-8uCk3T*G@mE^MAng0

• <D*67-UhB1_?R29-AnH3-@K2sD>

Password Managers

Some people like to use password managers to create, manage, and "remember" their account passwords, such as https://passwords.google.com/ to give one example. This is fine and may help those with trouble memorising things or those with simply too many accounts across the internet to remember the passwords for.

However, it is important that you also bear in mind that password managers are not immune from hacking or data breaches. Whereas your brain is.

Two-Factor Authentication

Where possible, you should have two-factor authentication (2FA) enabled on your accounts across the internet, whatever they may be. Two-factor authentication is the process of confirming that it is really you who is trying to log into your account, by sending you a confirmation code via a message or secure app to a secondary device, such as a smartphone or tablet.

This means that even if someone does manage to crack your password, they will still be unable to access your account unless they also physically hold the secondary device (ie, your smartphone) which has been set up to receive two-factor authentication codes for that account.

A Sneek Peek Inside The Sandbox:

At The Sandbox, it is internal company policy that all staff are required to have two-factor authentication on all of their The Sandbox-related accounts, including third-party tools they may be using. You should adopt this same policy personally.

Checking For Data Breaches

There are third-party tools available which you can use to find out if your information was part of a data breach anywhere on the internet. These tools will help you keep on top of which passwords, if any, you should get around to changing. Here are some examples of such tools:

• https://haveibeenpwned.com/

• https://www.avast.com/hackcheck/

Keeping Your Sandbox Account Safe

Passwords

• Create a strong password.

• Do not share your password with anyone.

• Do not write your password down in its entirety. And definitely do not save your password on your devices.

• Genuine The Sandbox support has no reason to know what your password is.

• Consider changing your password from time to time.

Accessing Your Account

• The only legitimate web address for The Sandbox is https://www.sandbox.game/.

• This is also the same address for The Sandbox marketplace, staking, reward claims, events, alpha seasons, staking, contests, and so on.

• You can log in through your username and password. Or through your connected wallet.

Protecting Your Account

• When was the last time you performed a virus scan on your device? Some viruses, such as spyware, tries to steal your passwords.

• Always make sure you are logged out of your account when it is not in use. Especially if you share a device with someone else or if it is a public device (ie, in a library).

• Do not let others share your account. As the person who created the account and accepted the legally-binding terms of use, you are solely responsible for everything that happens on the account.