Account Security

Account protection overview

Account Security describes the mechanisms used to protect access to an Aurex account across both web and mobile environments and to prevent unauthorized usage.

This section focuses on login credentials, access control, session behavior, and user responsibility, regardless of the device used.

Login credentials

Access to an Aurex account is protected by:

• a user-defined password,

• account-specific identifiers.

Passwords are required for all sensitive actions related to account access.

Mobile access

The same login credentials are used for web and mobile applications. The mobile app does not introduce separate accounts or authentication logic.

Password management

Users can change their password from the web dashboard settings.

• Current password confirmation is required

• New passwords must be confirmed before applying

Note

Password complexity requirements are enforced consistently across platforms.

Session management

• Active sessions are created after successful login

• Logging out terminates the current session

• Session duration may be limited for security reasons

Session control

Users are responsible for logging out on shared or public devices, including mobile devices.

Mobile behavior

The mobile application may keep a session active for convenience, but sessions can still expire based on security policies.

Access control

Certain actions require active authentication, including:

• accessing account settings,

• changing credentials,

• viewing sensitive account information.

User responsibility

Account security depends heavily on user behavior.

Users are responsible for:

• keeping login credentials private,

• using secure devices and networks,

• preventing unauthorized access to their account.

Limitations

• Aurex cannot recover lost passwords without recovery mechanisms

• Compromised credentials may result in unauthorized access