Rails is now live.
Rails.xyz
Rails.xyzSign InContact Us

Security

At Rails, the security of your account is our top priority. This section details how to secure or regain access to your account. Click the links below to jump to some common security topics:

Password Reset

Multi-Factor Authentication (MFA)

Single Sign-on (SSO) with Google

If you have urgent login issues, please contact us via email or on Discord.

Password Reset

For your security, we recommend updating your password regularly. You can change it proactively at any time, either from your account settings while logged in, or from the login screen if you’ve forgotten it.

Click the expandable sections below to see detailed instructions for each method.

Reset from Login Screen

  1. Click on Sign in with Email on the login page.

  1. Click on Forgot Password.

  1. Insert the email associated with your account and click Next.

  1. Check your email for instructions on resetting your password.

If you do not receive a Password Reset email within 5 minutes, check your spam folder or follow these troubleshooting tips.

  1. Click on Reset your password in the email.

  1. Type in your new password and confirm it in the fields provided and click Next.

Once successfully changed, you can use your new password to Sign in.

Reset from Settings

  1. Login to your Rails account.

  2. Click on the Options button (Username) on the top right corner and then select Settings.

You will automatically be directed to the Change Password section of the Security page.

  1. Input your new password in the New Password field.

  2. Re-enter your new password in the Confirm Password to confirm it’s accurate.

  1. Click Update Password.

Multi-Factor Authentication (MFA)

Multi-Factor Authentication (MFA) adds an extra layer of protection to your login process by requiring more than just your password. With MFA enabled, you’ll be asked to verify your identity using an additional factor from the following options:

One-Time Passcode (OTP): An OTP is a short, temporary security code we email you before you sign in. Each OTP is valid for a single use and expires within 10 minutes, helping to ensure that only you can access your account.

Setting up OTP

Complete the following steps to set up an OTP on your account:

  1. Click on the Options button (your username) on the top right of the trading page, then click Settings.

  1. You will automatically be directed to the Security page. Select Multi-Factor Authentication.

  1. Click the toggle switch to enable OTP. It will move to the right and become blue when enabled.

If you wish to disable OTP at any point, click the toggle switch again until it is left aligned.

Signing in using OTP

  1. Click on Sign in with Email on the login page.

You will not be asked to complete OTP if you Sign in with Google, even if it's enabled.

  1. Input your email and password and click Sign In.

  1. If you have both OTP and passkeys enabled, you will be prompted to select between the two verification methods. Ensure the OTP option is selected then click Sign In.

  1. You will be prompted to input the code. Check your email for a unique passcode as displayed below.

  1. Navigate back to the sign in screen, input the code and click Sign in.

If successful, you will be directed to Rails' main trading page.

Check out our troubleshooting tips if you are having trouble logging in.

Passkey: A passkey is a secure digital credential stored on your device that provides an extra layer of protection for your account. Unlike traditional passwords, passkeys use advanced encryption and biometric verification (such as Face ID, fingerprint, or a device PIN) to confirm your identity quickly and securely. Physical security keys, like a YubiKey, can also be setup as passkeys further enhancing security.

Setting up a Passkey

  1. Click on the Options button (your username) on the top right of the trading page, then click Settings.

  1. You will automatically be directed to the Security page. Select Multi-Factor Authentication.

  1. Click on Create Passkey.

  1. Your device may suggest a specific passkey method (e.g. 1Password, iCloud, etc.) based on what you have available. Follow the prompts to set up the suggested passkey, or click X or Cancel until you get a screen similar to the below screenshot to select your preferred passkey method.

  1. Follow the verification prompts on your device, or jump to supported passkeys to see steps for specific, common passkeys.

  2. Once completed, you should see your passkey listed in your settings page as shown below.

  1. Ensure the toggle for Passkeys is on. It will be blue and switched to the right.

To add additional passkeys, simply click the Add Passkey button in the bottom left corner and repeat this process.

Edit your passkey names for easier identification by clicking the pencil icon in the Action column.

Signing in using Passkeys

  1. Click on Sign in with Email on the login page.

You will not be asked to verify via passkey if you Sign in with Google, even if it's enabled.

  1. Input your email and password and click Sign In.

  1. If you have both OTP and passkeys enabled, you will be prompted to select between the two verification methods. Ensure Sign in with a passkey is selected then click Sign In.

  1. Follow the prompts on your passkey. If successful, you will be directed to Rails' main trading page.

Check out our troubleshooting tips if you are having trouble logging in.

MFA does not apply to Single Sign-on with Google. Users will only be prompted to complete MFA when signing in with their login and password.

Supported Passkeys

Rails supports a broad list of secure FIDO2-based passkeys for MFA. FIDO2 passkeys are secure digital credentials stored directly on your device. They use cryptographic keys paired with biometric verification (like fingerprint or facial recognition) or a PIN. Because passkeys are device-bound, they’re significantly more resistant to common cyber threats like phishing, credential theft, and password reuse attacks.

Click the expandable sections below to see step-by-step instructions on how to setup some of the most common passkeys.

Setting up Common Passkeys

If you have multiple passkey options on your device, it will decide the hierarchy of which one you are presented with first. Click X or Cancel when prompted if you wish to use or setup a different passkey.

iCloud Keychain

Mac users that utilize biometric (fingerprint) scan set up access to their passkey by using the following steps:

  1. Your device may prompt you to setup a different passkey (e.g. Chrome, 1Password, etc.) proactively. Click X or Cancel until you get to the following screen, then select iCloud Keychain.

  1. Use your fingerprint to allow for a passkey to be saved on your iCloud Keychain.

  1. If saved successfully, this passkey will be saved in your security settings under passkeys as iCloud Keychain.

Click the pencil icon to edit the passkey name if you're adding multiple passkeys or devices.

1Password

Users who have the 1Password browser extension are able to use their 1Password account to securely store their passkey by following these steps:

  1. Unlock your 1Password account (if prompted).

  1. Click New Item on the 1Password prompt and then click Save.

  1. Your passkey is automatically created in 1Password and if successful, it will be listed in Settings > Security > MFA > Passkeys as 1Password.

Click the pencil icon to edit the passkey name if you're adding multiple passkeys or devices.

Chrome Profile

Users who have biometrics setup in their Chrome browser can also use this as a passkey method.

  1. Your device may prompt you to setup a different passkey (e.g. iCloud, 1Password, etc.) proactively. Click X or Cancel until you get to the following screen, then select Your Chrome profile.

  1. Ensure the right profile is selected and click Continue.

  1. Provide biometric scan or password to continue.

  1. If saved successfully, this passkey will be saved in Settings > Security > MFA > Passkeys. as Chrome on Mac.

Click the pencil icon to edit the passkey name if you're adding multiple passkeys or devices.

Device QR Code or Security Key

Users are able to access their passkey by using another device or private security key by using the following steps:

  1. Your device may prompt you to setup a different passkey (e.g. iCloud, 1Password, etc.) proactively. Click X or Cancel until you get to the following screen, then select Use phone, tablet or Security Key

  1. When presented with this screen, you can choose to either use a camera on another device to scan the QR Code or insert and touch your security key to setup the passkey.

  1. Follow the prompts on your device.

  2. If saved successfully, this passkey will be visible in your passkey list in Settings > Security > MFA > Passkeys.

Single Sign-On (SSO) with Google

Single Sign-on (SSO) with Google lets you quickly and securely log into your account using your existing Google credentials. Instead of managing a separate username and password, you simply authenticate through your Google account. This adds convenience, enhanced security and a faster login process.

Setting up SSO with Google

  1. Visit the login page and click Sign in with Google.

  1. Choose the Google account you would like to sign in with.

  1. Click Continue on the confirmation screen.

You should now be logged in and navigated to your rails account automatically. If you're having issues, ensure the email is the one associated with your Rails account or checkout our troubleshooting tips.

Previous$1 Million Summer GiveawayNextNavigating the Platform

Last updated

Was this helpful?