Account security & authentication

• Password: Use at least 12 characters, including uppercase and lowercase letters, at least one number, and at least one special character. Avoid predictable words, your username, or personal details (names, birthdates, phone numbers) in your password.
• Two-factor authentication (2FA): Administrators are required to use 2FA. Members may enable 2FA in Settings for an extra layer of protection on the "something you have" factor (authenticator app).
• The platform enforces technical password rules at sign-up, password change, and password reset—including checks against common weak passwords.
• If you sign in with password only (two-factor authentication not enabled), you must change your password at least every 90 days. When it is time, you will be prompted to choose a new password in Settings before continuing to use the site. Enabling 2FA satisfies stronger authentication expectations for your account.

• Do not share your password with anyone, including anyone claiming to be support.
• WannaDate? staff will never ask for your password. If someone contacts you and asks for it, it is a scam—do not provide it.
• Do not store passwords in plain text in email, unencrypted notes, or shared documents. Use a reputable password manager if you need help remembering complex passwords.
• Keep your email account secure: it is used for verification and password reset. If your email is compromised, treat your WannaDate? account as at risk.
• Log out on shared or public devices, and do not save your password in the browser on computers you do not trust.

For your security, you cannot set a new password that matches your current password or any of your last three previous passwords (four passwords in total). If you try to reuse a recent password, the system will ask you to choose a different one.