After some crypto exchanges accounts, today my Twitter account got hacked.
2FA had only been added recently to Twitter and I had forgotten to apply it. Although I had paid attention to remove my phone number there hopefully, alongside other social networks, which (phone number) is a major source of fraud complication
Anyway, it still comments the degree of danger that can happen from using a single password the light way. Besides private discussions, there is nothing critical to protect at Twitter, yet they are taking threats nonetheless seriously. It shows a rising need
However, at least Twitter warns its members when a successful login attempt occured from a different computer / unusual IP address.
Darwinex does not warn us about such events.
I know it for a fact because I connect from different remote machines located in different countries and I never receive any activity monitoring email as prevention.
In other words, if someone has forced access to a Darwinex account and is spying at trades hidden to the public on purpose (trading journal, privacy settings), then we have no means to know and react. Also, our customer data can leak and the pirate learn who exactly is behind a Darwin, etc. To me, the potentiality of both such leaks is troublesome. Sorry to insist.
If 2FA is not scheduled shortly, then please consider to integrate warning emails monitoring the connection activity. That is the minimum to provide but could be satisfying enough to give us responsability in handling security ourselves (change password when needed) when we know something is wrong. Right now, we are kept in the dark a bit too much