discord.zhangxinhe.com Open in urlscan Pro
2606:4700:3031::ac43:ab0c  Public Scan

Form analysis
0 forms found in the DOM

Text Content

DownloadNitroDiscoverQuestsSafety
Safety
SupportBlogCareers
Download for Linux
Back
Safety Center
Overview

Controlling Your Experience
Four steps to a super safe accountFour steps to a super safe serverRole of
administrators and moderators on DiscordReporting problems to DiscordMental
health on DiscordAge-Restricted Content on DiscordTips against spam and hacking

Parents & Educators
What is Discord?Discord's commitment to a safe and trusted experienceHelping
your teen stay safe on DiscordTalking about online safety with your
teenAnswering parents' and educators' top questionsIf your teen encounters an
issueWorking with CARU to protect users on Discord

How We Enforce Rules
Our policiesHow we investigateWhat actions we takeHow you can appeal our
actionsDiscord's Transparency ReportsWorking with law enforcement
Back
Moderator Academy
Overview

Basics
100: An Intro to the DMA103: Basic Channel Setup104: How To Report Content To
Discord110: Moderator Etiquette111: Your Responsibilities as a Moderator151: An
Intro to the Moderator Ecosystem

Setup and Function
201: Permissions on Discord202: Handling Difficult Scenarios203: Developing
Server Rules204: Ban Appeals205: Utilizing Role Colors206: Best Practices for
Reporting Tools207: Server Information and Announcement Channels208: Channel
Categories and Names210: Moderator Recruitment211: Creating Moderation Team
Channels231: Fundamentals of Family-Friendly Servers241: Securing Your Discord
Account

Advanced Community Management
301: Implementing Verification Gates302: Developing Moderator Guidelines303:
Facilitating Positive Environments304: Moderating Safely and Securely310:
Managing Moderation Teams311: Understanding and Avoiding Moderator Burnout312:
Internal Conflict Resolution313: How to Moderate Voice Channels314: Training and
Onboarding New Moderators321: Auto Moderation in Discord322: Using Webhooks and
Embeds 323: Using XP Systems324: Using Modmail Bots331: Community Engagement332:
Fostering Healthy Communities333: Planning Community Events334: Community
Partnerships341: Understanding Your Community Through Insights345: Best
Practices for Moderating Content Creation

Moderation Seminars
401: Transparency in Moderation402: Confidentiality in Moderation403: Sensitive
Topics404: Considering Mental Health in Your Community 405: Practicalities of
Moderating Adult Channels407: Managing Exponential Membership Growth431: Ethical
Community Growth432: Internationalization of a Community441: Community
Governance Structures442: Using Insights to Improve Community Growth and
Engagement443: Ban Evasion and Advanced Harassment444: Managing Interpersonal
Relationships451: Reddit X Discord452: Twitch X Discord453: Patreon X
Discord455: Schools X Discord459: Bringing Other Communities to Discord

Graduate
531: Parasocial Relationships541: The Application of Metaphors in Moderation


Author Credits
Author Credits
Login


Discord Safety CenterPolicy HubSafety LibrarySecuring Your Discord Account
Discord
Version
No items found.
June 3, 2022



SECURING YOUR DISCORD ACCOUNT

‍

Personal account security on Discord is of the utmost importance. If your
account is compromised, you could lose access to cherished direct message
conversations with friends and servers in which you are an active community
member. However, when you’re a moderator there is an additional danger: the
attacker that compromised your account may ruin the Discord servers you moderate
by banning tons of members, deleting channels and messages, or more.

To avoid this, it is important that you not only secure your own account but use
Discord responsibly to avoid accidentally compromising your account.


ACCOUNT SECURITY

The first step towards securing the server you moderate is securing your own
Discord account. Your first line of defense is a strong and unique password.
Some characteristics of strong passwords include:

 * Length - Longer passwords are harder to guess
 * A mix of character types - Including numbers, symbols, lowercase, and
   uppercase letters make the password harder to guess
 * Uniqueness - Avoid reusing passwords you are using on other sites. If those
   sites are compromised, it could also compromise your Discord password

You can also use a random password generator or a password manager to create a
completely random password that will be nearly impossible to guess, but
difficult to remember. Another option is to combine several random words
together. The key, though, is that the words need to be completely random. Using
a tool to help select words at random from the dictionary is a good way to help
ensure their randomness.

Once you have a strong password, you should also enable two-factor
authentication, also known as 2FA. 2FA ensures that even if someone manages to
guess your password, they won’t be able to get into your account without access
to the device where the 2FA app is. You can also enable 2FA via SMS and receive
your authentication code via text message. However, SMS 2FA is less secure than
application-based 2FA because text messages can be intercepted or your phone
number could be stolen. Although the chance of this is still low, you should
still avoid enabling the SMS backup for this reason if possible.

You also need to make sure the devices where your Discord account is logged in
and the device that has your 2FA app are physically secure. Make sure your
computer is password protected and locked when you are physically away from it.
If you use a public computer, make sure that you use incognito mode on the web
browser to ensure that your Discord information is removed when you close the
browser. For a phone or tablet, require a PIN code to unlock it so that it can’t
be used by strangers.

Now that your account is nice and secure, there is one more thing you must
closely monitor to ensure it doesn’t fall into the wrong hands: yourself.





AVOIDING SOCIAL ENGINEERING ATTACKS

The weakest link in any cybersecurity system is usually a human, and the
security of your Discord account is no exception. Social engineering is the use
of deception to manipulate individuals into divulging confidential or personal
information that may be used for fraudulent purposes. People attempting to gain
access to your Discord account may attempt to get you to log into a fake site,
download a malicious file, or click on a suspicious link. Being able to identify
these actions and avoiding potential pitfalls is an important part of keeping
your account (and the servers you moderate) safe.

One of the most common and dangerous scams on Discord is a user or a bot sending
out a direct message with a QR code saying that you should scan the QR code with
Discord’s QR code scanner for free nitro. This will generally be combined with
instructions on how to access and use Discord’s QR code scanner. However, it is
important to remember that Discord's QR code scanner is only used to log in to
Discord. Scanning the given QR code will allow that attacker to directly log
into your account, bypassing your password and any 2FA you may have configured.
If you accidentally scan a suspicious QR code, you should immediately change
your password as this will invalidate your current account token and log you out
of all devices.You can also report any such scams directly to Discord Trust and
Safety for further action. For more information on making reports, check out
this article.

Another common attack is to encourage you to click on a link that redirects to a
fake Discord website. Before clicking on any links from a user, ask yourself the
following questions:

 * Is the sender a stranger?
 * Is this message unexpected?
 * Does the message imply urgency or promise something as a reward (e.g., “If
   you don’t do this in the next five days, your Discord account will be
   deleted”)
 * Are they asking me to perform a suspicious/sensitive action (e.g., download a
   file, log in to a website)

If you find that the answer to many of the above questions is “yes”, you should
avoid performing whatever action they are requesting. You can also check any
suspicious-looking URLs with various URL checkers, such as this one.

If the user is specifically asking you to click on a link that prompts you to
log in to Discord, another option you have is to navigate directly to
https://discord.com in your web browser and log in from there. If clicking on
the user’s link still takes you to a login page, double check the URL of the
website. One thing you’ll want to check is if the website starts with https://
instead of http:, or that there is a lock next to the beginning of the URL.
Although some fake sites may still have an https:// designation, many of them
will not. Other signs may be slight misspellings of the URL or visual tricks
such as diiscrd.com or dlscord.com with a lowercase “l” instead of an “i”. If
you notice any of these signs, it is highly likely that it is not actually
Discord’s website and instead a fake website intended to trick you into entering
your login credentials so that it can steal your account.

‍


Most modern browsers will have a lock icon indicating that the connection is
secure if they do not show https:// before the URL. If the icon is shown as an
unlocked lock or you see http:// rather than https:// before the URL, your
connection is not secure.

‍

‍


CONCLUSION

Creating a strong password, enabling 2FA, and following best practices for
physical device security are the first steps towards keeping your Discord
account secure. However, there may be people that try to trick you into giving
access to your Discord account through various scams or other social engineering
attacks. Being able to spot suspicious messages and users and being cautious
when encountering strange links or files is another important part of keeping
your account safe. Of course, anyone that is able to illicitly gain access to a
moderator account on your server still has the potential to do great harm, such
as banning users and deleting messages, channels, and roles. Be sure to share
this information with the other moderators on your server so that you can each
do your part to keep your community safe by keeping your accounts secure.

‍

‍














Tags:
User Safety
Contents
Account SecurityAvoiding Social Engineering AttacksConclusion


SAFETY CENTER

Explore more
Controlling Your Experience
Four steps to a super safe account


LOREM IPSUM IS SIMPLY




TEEN AND CHILD SAFETY POLICY EXPLAINER


PLATFORM MANIPULATION POLICY EXPLAINER

Controlling Your Experience


REPORTING ABUSIVE BEHAVIOR TO DISCORD

English, USA
българскиČeštinaDanskDeutschΕλληνικάEnglish,
USAEspañolSuomiFrançaisहिंदीHrvatskiMagyarItaliano日本語한국어LietuviškaiNederlandsNorwegianPolskiPortuguês
do BrasilRomânăРусскийSvenskaไทยTürkçeУкраїнськаTiếng Việt中文繁體中文
English
Čeština
Dansk
Deutsch
English
English (UK)
Español
Español (América Latina)
Français
Hrvatski
Italiano
lietuvių kalba
Magyar
Nederlands
Norsk
Polski
Português (Brasil)
Română
Suomi
Svenska
Tiếng Việt
Türkçe
Ελληνικά
български
Русский
Українська
हिंदी
ไทย
한국어
中文
中文(繁體)
日本語

Product
DownloadNitroStatusApp DirectoryNew Mobile Experience
Company
AboutJobsBrandNewsroom
Resources
CollegeSupportSafetyBlogFeedbackStreamKitCreatorsCommunityDevelopersGamingQuestsOfficial
3rd Party Merch
Policies
TermsPrivacyCookie SettingsGuidelinesAcknowledgementsLicensesCompany Information
Sign up