Account Security

First and foremost no account sharing. The only person who should have access is yourself and no one else. Any actions which occur on your account are your responsibility. It is also your responsibility to secure your account and avoid becoming compromised. 

Sites and common companies offer Two-Factor Authentication (also referred to as 2FA or Multi-Factor Authentication). This security method uses a secondary device to generate a code you input before logging into your associated account. If your password is discovered by someone else, they will be unable to log in as they cannot generate the required code.

There are various ways for Two-Factor Authentication to send a code; the common ways are via a phone application such as Google Authenticator or a text message to your phone. We recommend you have Two-Factor Authentication on all your important accounts, such as email accounts.

IMPORTANT NOTE: Always keep a copy of the backup codes given to you when you set up Two-Factor Authentication in case you ever lose your phone. You will be locked outside your accounts if you lose your phone and these codes.

Using long passwords

Use passwords with at least 12 or more characters where possible - longer ones are better. This helps make your password harder for a person or machine to guess or brute force.

Using a range of characters

Use various character types, including letters (upper and lowercase), numbers, and special characters (e.g. !, @, #, or &). Avoid changing words with numbers, such as “P4aS5W0rd!” is still not a secure password.

Unique passwords for each account

This ensures that if one password becomes compromised, no others will be, and reduces the damage to your information.

Find it hard to remember passwords?

If you struggle to remember passwords, you can use a password manager application; some managers come with built-in strong password generators when creating accounts online.

Where available, set up security questions so that websites will confirm that you are you when taking specific actions on them. Answering questions with custom passwords or random characters instead of using one more answer.

Creating an email address or changing a current one by adding extra letters before or after the main part of your email address, such as "example+randomcharacters@email.com." Making the email address harder to crack for a person or machine.

When using the internet, remember not to give out any personal information. To help you with this, we have developed a list of ways to keep your information secure while browsing the internet. Here are some things to keep in mind when online.

Always check the URL (address bar)!

When clicking on any links on the internet, always check the link to ensure it is what you expect. If it is anything else, it is likely a phishing link with the site designed in such a way as to steal your personal information, such as your login details.

For example, all of ApexZombies' official sites are linked below. Any site that is not one of these has no affiliation to ApexZombies, even if it claims otherwise, and should not be trusted.

• apexzombies.com

• store.apexzombies.com

• status.apexzombies.com

• apexzombies.click

If it’s too good to be true, it is!

A generally good principle to use everywhere. It almost certainly is if something seems too good to be true online. A prime example is if you get a message from someone saying they found a way to get free Minecon capes; this is likely phishing, as all Minecon Cape links have been retired.

If unsure, avoid communicating with the person or people if something seems suspicious.

Never give out personal details!

This is the most crucial part. No one should ask you for any personal information or account details online. This information should be kept to yourself and not be shared with anyone.

Data sharing with games and services.

Make sure only trusted apps and services have access to your Xbox Live profile information and associated data. Granting access to untrusted apps and services can compromise your personal information and be used for malicious intent. 

To view and edit the list of apps and services with access to your information, please visit https://account.live.com/consent/Manage.

Do not click on sketchy links!

If you are unsure whether a link is safe, you should not click it. If someone sends these links on any of our platforms, report them using the appropriate methods, such as /report if it is in-game. 

Continually update passwords!

To stop unwanted visitors from accessing your accounts or information, changing your passwords throughout the year makes it harder for a person or machine to gain access if the information gathered is incorrect.

As a general tip, if you get a site asking for you to log in and you’re suspicious of it, try entering random details such as “username” and “password.” If it lets you “log in,” it’s there to steal your details. That said, don’t treat this as a reliable test either.

If you believe someone has gained access to one of your accounts, do not panic. We recommend you do the following:

1. Change the password for the associated email account.

2. Change the password for the associated account.

3. Attempt to recover the account.

4. Contact the Support of the service you are using.

5. Add extra security measures, such as 2FA or Security Questions.

Please note that ApexZombies does not have the power to ban Minecraft accounts upon request if you believe your account may be compromised. Please contact Microsoft Support if you believe your account is compromised.

If your account has been issued with a "Suspicious Activity" punishment, please read our appeal page for more information.