We want you to always be the only person with access to your Tryst account. To achieve that, here are some tips:
Never respond to or click links in suspicious emails
Unfortunately, many scammers attempt to impersonate Tryst.link emails, usually sending you something that seems both official and alarming to get you to react without thinking and click their link. Before opening any link in an email that claims to be from us, please follow the steps below. You can also log into Tryst.link directly whenever you receive an email, and avoid clicking on links in emails at all.
Tryst will also never:
- Use a URL shortener like bit.ly to obscure links in our emails to you.
- Use a domain other than http://tryst-fun.fun, https://tryst-fun.fun/s__app, or https://tryst-fun.fun/s__help in our emails to you. Most email clients will let you hover over the link without clicking on it to see the actual address, if you are on a computer. You can also type the link into a browser instead of clicking on it.
- Demand instant action (we will always provide a reasonable period of time for you to respond to an issue).
- Email you from a general email provider like Gmail, Hotmail, or Outlook.
Check the site address before signing in or providing codes
Scammers may also impersonate Tryst.link’s login pages to try and trick you into handing over your username and password. Only ever log in to Tryst.link from https://tryst-fun.fun/s__app/log_in. Any other URL is fake and attempting to steal your data.
You can check what address you're on by clicking in your browser's address/URL bar and looking at what is shown. Our links won’t include extra numbers or letters at the end or come from any other domain, no matter how similar it may look.
If you're even slightly unsure, don't fill in your details. Instead type tryst.link into your browser URL bar and click the Login button.
Be extra careful with your recovery codes. These are only for use in emergencies. If there's no reason for your usual two-step login method to stop working, stop before you enter your recovery code! Check the site address. It's always safer to close that page, visit tryst.link yourself, and log in there.
Use separate email addresses for your profile and account
Your profile contact email (the one shown to clients) and account email (the one you use to log in) can be different. Because your account email is never shown to anyone except the Tryst Team, using a separate one to your profile email can help you immediately identify when someone is trying to impersonate us because they emailed the wrong address.
We will only ever send notifications and account updates to your account email.
Always set a strong, unique password
We've got a whole section on setting good passwords on your Tryst account that we recommend you check out. Having a strong, unique password is one of your best ways to prevent others accessing your account.
Use a password manager to help you generate strong passwords
Creating a unique password for every site makes it hard to remember all those passwords! Instead of setting weaker passwords, reusing them, or following a pattern that can be guessed, you should use a password manager. These can generate strong, unique passwords for you so you only need to remember the one strong password to lock and unlock the app.
Some popular options include 1Password, EnPass (free option available), Bitwarden (free for personal accounts), and Dashlane (free option available).
Enable 2-step login to protect your account
2-step login is the best way to protect your account from being accessed by someone other than yourself. 2-step login means we only accept a login to your account when you provide both the thing you know (your username and password) and the thing you have (your short lived login code, Yubikey, fingerprint, etc.). Now, someone trying to take over your account needs to also get hold of the device that you use to authenticate your login, whether that is a hardware device (like a Yubikey) or a software device (like a code generator app on your phone). This makes it far harder for them to succeed.
Always log out when using a shared computer
Most browsers will remember your login sessions, even after your close the tabs or windows you where using. If you are using a shared machine we recommend not checking "remember me" at login, and making sure you always log out of our account when you are finished using Tryst. This ensures that someone can't open a browser and have immediate access to your account.