3Commas Security

3Сommas Blog
3 min readMar 15, 2022


Make your trading fraud-proof

We highly recommend you go through this crypto-security checklist to feel confident about the security of your funds.

Is 3Commas safe to use?

Your funds are secure because they can’t leave your exchange. 3Commas connects to your exchanges via encrypted API. Our system tells your exchange to start and close deals but has zero access to withdraw or transfer fiat or cryptocurrencies.

Even better, since 3Commas connects via API, your log-in information for your exchange is never revealed to our system. It’s not like a password manager that saves your username and password for each exchange. There’s no backdoor or cache that can be exploited because the API deliberately does not have the functionality to request any of your personal information from the exchange.

How does 3Commas secure user data?

3Commas secures user data with encrypted API keys and enterprise-grade tools from security services provider Cloudflare, including:

  • Web Application Firewall
  • DDOS attack protection
  • SSL/TLS encryption between visitors and origin servers

What can you do to keep your data safe?

1) When working with an exchange:

  1. Secure your exchange account with two-factor authentication (2FA).
  2. Save 2FA backup keys in a safe place.
  3. Use a strong and unique password/email for your exchange account.
  4. When creating API keys don’t store secure API keys in a shared or accessible document.
  5. Don’t send your API keys via a message to yourself or anyone.
  6. Use separate API keys for different services.
  7. When opening emails from an exchange be wary of phishing emails and ensure the authenticity of the sender.

2) When working with mobile devices:

  1. Secure your smartphone with a PIN code.
  2. Never give your device to anyone while the trading app is opened or with your Google Authenticator is accessible.
  3. Always ensure that your backup codes are retrievable in the event your phone is lost or stolen.

3) When creating an account on 3Commas:

  1. If you have created your 3Commas account with Facebook or Apple ID, be sure to enable 2FA on said services. Follow the instructions for Facebook and for Apple.
  2. If you have created your 3Commas account with an email address and password:
  • Use an email address you are checking regularly (not a “spam-address”)
  • Use a strong and unique password different from your email address.
  • Verify your email address (you will receive a link once you are registered).
  • Enable 2FA for your account in Settings.

4) When using 3Commas:

  1. Hide your balance when you are sharing screenshots or your interface is viewable by others.
  2. Logout from 3Commas if you are giving access to your device to someone.
  3. Secure your device with a password or PIN and don’t leave it unlocked.
  4. Don’t share your email_token in TradingView commands.

3Commas commitment to user security

5 years in the crypto industry without any serious data breaches. That’s a testament to how seriously we take security at 3Commas. Every blockchain and cryptocurrency service is a tempting target for malicious attacks, and 3Commas operates under the assumption that someone is always trying to get access to our user’s information. We take every reasonable precaution to block these attacks before they happen and ensure your accounts are safe.

Following security measures is vital in cryptocurrency trading. Always remember that $100 worth of a token may become a fortune someday. So treat every penny with respect.