Security Best Practices

GE-AS holds real funds. Strong account security is your responsibility. The platform provides the tools, but you have to use them properly.

This page is a checklist of what to do and what to avoid.

The Essentials

These five steps cover 90% of account security. Do all five:

1. Use a strong, unique password. Long (12+ characters), random, not used on any other site. A password manager handles this for you.
2. Enable 2FA. Go to 2-Factor Auth in the side menu and turn it on. See 2-Factor Authentication.
3. Secure the email account you use for GE-AS. Your email is the recovery key. Protect it with a strong password and its own 2FA.
4. Verify your withdrawal wallet address once, carefully. Send a small test deposit before withdrawing a large amount.
5. Never share login codes, recovery codes, or passwords with anyone. No GE-AS staff member will ever ask for them.

Password Hygiene

• Length matters more than complexity. "correcthorsebatterystaple" is stronger than "P@ss1!".
• One password per service. If GE-AS is the only site using your password, a breach elsewhere does not compromise GE-AS.
• Use a password manager. 1Password, Bitwarden, KeePass. They generate and store strong passwords for you.

Two-Factor Authentication

GE-AS uses email-based 2FA. Once enabled, every login requires a code sent to your registered email.

• Enable 2FA before depositing any funds.
• Make sure your email account is secure (see below).
• Never disable 2FA "temporarily". Once off, your account is exposed.

See 2-Factor Authentication for setup.

Securing Your Email

Your email is the single most important link in your security chain. If your email is compromised:

• Attackers can request password resets to take over your GE-AS account.
• They can read your 2FA codes.

Protect it:

• Strong unique password on the email account.
• 2FA on the email account itself (this is separate from GE-AS 2FA).
• Avoid free temporary email services for GE-AS registration.

Phishing

Phishing is when attackers impersonate GE-AS to trick you into revealing credentials.

Red flags:

• An email or DM asking you to "verify" your account by logging in through a link.
• A message claiming you have won a prize or have funds waiting that "require" you to provide your password or 2FA code.
• A support agent on Telegram, WhatsApp, or any other channel asking for your password or 2FA code.
• A URL that looks like GE-AS but is not exactly ge-as.com. Watch for ge-as.io, geas.com, ge-as-support.com, etc.

Rules:

• Always reach GE-AS by typing ge-as.com into your browser directly. Do not click email links.
• GE-AS staff will never DM you first asking for credentials.
• If unsure, email [email protected] from the address on your account.

Withdrawal Address

Set your USDT wallet address once in Account Settings and verify it carefully:

• Copy and paste, do not type.
• Double-check the first 4 and last 4 characters match.
• Send a small test deposit ($5 to $10) and confirm it arrives before withdrawing larger amounts.
• Update only when you actually change wallets. Frequent changes increase the risk of a typo.

A wrong address means lost funds. There is no rollback.

Trusted Devices

• Log in from devices you control. Avoid public computers, internet cafes, or shared workstations.
• Lock your phone and computer when stepping away.
• Log out when finished on a shared device.
• Run up-to-date antivirus software on Windows.

Watch Your Email Inbox

When 2FA is enabled, every login triggers an email. If you receive a 2FA code you did not request:

• Someone has your password and is attempting to log in.
• Change your password immediately.
• Enable 2FA on your email account if you have not already.
• Contact support.

Recognising Scams

Common scam patterns:

• "Investment groups" on Telegram promising guaranteed returns if you give them your login. Never give login access to anyone.
• "Customer support" DMs offering to fix your account if you send your 2FA code. Real support never asks for codes.
• "Boost your account" services that need temporary access. They will drain your balance.
• Fake browser extensions claiming to be GE-AS or a Solana wallet companion. Install only from official stores, verified publishers.

If something sounds too good to be true, it is.

If Your Account Is Compromised

Act fast:

1. Change your password immediately.
2. If you can still log in, check for unauthorised withdrawal address changes in Account Settings.
3. Contact support: [email protected]. Include your username and a description of what happened.
4. Enable 2FA if not already on.
5. Review your withdrawal history for unauthorised transactions.

The faster you act, the better chance support has of helping.

Tips

• Bookmark ge-as.com and use the bookmark every time. No mistyped domains, no phishing links.
• Check the URL bar every time you log in. Should always be https://ge-as.com/...
• Review your activity regularly. Withdrawal history, recent logins (if shown), pending applications.
• Keep recovery information current. Update your email if you change providers. Lost email = lost account.