Account Security, Recovery & Compromised Accounts

by rich • Oct 22, 2022 • 21
edited by rich on May 1, 2024

Account Security

To help keep your account secure, we recommend following these guidelines.

  • Use a strong password with lower & upper-case combinations, numbers, and symbols. Don't use the same passwords on other websites.
  • Enable two-factor authentication. Coming soon when brokerage integration is completed.
  • Never give your email or password to anyone, including our staff or anyone claiming to be a staff member.
  • Be cautious of links and make sure you're on nvstly.com or any of our domains listed below before creating an account or logging in. We also own trhub.net, which redirects to the main URL.
  • Beware of any third-party applications. Our platform and API are private, and we do not approve any third-party apps, browser extensions, or plug-ins used for our platform.

Password Requirements

Your account should have a strong password and not be the same as any of your other accounts on other websites. This protects you from data breaches or hacks. Accordingly, you should also have a strong password for the email address used to create the account. This also applies to your linked accounts such as Discord, Google, or Twitter.

  • Passwords need to be 8 characters long.
  • They need to include 1 upper-case letter, 1 lower-case letter, 1 number, and 1 symbol or special character.
  • Use a different password from your email, linked accounts, or any other accounts on other websites.
  • Do not store your password in an unencrypted file or folder. Use a password manager to help you remember them, which securely stores your login information.
  • Do not use personal information in your password. (I.e., birthdays, phone numbers, etc.)
  • Do not use common dictionary words or a sequence of letters or words. (For example, password, qwerty, abcd1234)


Two-factor Authentication

Enabled 2FA through the Login & Security section in Account Settings. Two-factor authentication helps keep your account secure by utilizing one-time passwords that are generated every 30 seconds.


Safeguard Your Login Information

Phishing is a common method for attackers or scammers to create a fraudulent replica of a website for you to log into or create an account on to gain access to your login information. Phishing also takes form in emails. They will spoof an email to make it seem as if it's being sent from a genuine email address.

Our domains

We don't send any emails from these domains except for nvst.ly.

If you receive a suspicious email from us, check the raw data of the email or use the "Show Original" function on Gmail. In the email metadata you will see the real source of the email in the "Return-Path" and "Received From" fields. The Return-Path will always be a @nvst.ly email address. To verify it's truly from us, you can verify this by seeing the IP address in the Received From field.


We reply back from the same email address you sent to and send from the following emails:

Here's an example of a SPOOFED EMAIL.

All emails are sent via amazonses.com, email.cloudflare.net, or don't show a source at all, and the return path in full email or metadata for all emails will always be @nvst.ly until stated otherwise.

We will never ask you for personal or financial information such as your password, and you should never provide us with sensitive information. We will never ask you to download something, open any attachments, or log into a non-NVSTly official website. 
Anyone claiming to be staff asking you to provide or do any of these should be reported.


Apps from Third Parties

NVSTly's API is private and does not allow any type of automation or 3rd party apps. At this time, it is currently against our Terms & Conditions. You must not rely on or use any third-party application, browser extension, or plug-in that claims to be used for or related to NVSTly.


Account Recovery

Currently, we do not have any method of account recovery. If you've lost access to your account or think it has been compromised, please notify us by sending an email to [email protected].

  • Send from the email you created the account with, whether it's your Discord, Google, or Twitter email you used to create the account.
  • We will reply back with a verification process.


Help With A Compromised Account

If you have:

  • Noticed any unexpected activity on your account. (such as following or un-following)
  • Received a notice from us that your account has been compromised.
  • Received a notice from us that your account information has been changed.
  • Notice your password isn't working

Then you should:

  1. Change your password.

If you can log into your account, please change your password through your account settings.

      2. Verify the security of your email account and any linked accounts.

Make sure that your email and any linked accounts are secure and that you are the only one with access to them. You can change your email address by sending an email to [email protected]


Protect your account using guidelines and best practices

© 2021-2024
Open AppBlog
Check out our socials!