Your Roll login information protects the social money in your Roll account. We strongly urge you to follow the best practices in keeping your Roll login information and password secure.
Never re-use your password on Roll
Your password on Roll should be unique and not used on any other service. This is to keep your password from becoming public if the other service may have a data leak or otherwise have access to your password.
Roll passwords are salted and hashed before they are stored in our database, so not even we know what your password is.
Do not use easily guessable passwords on Roll
Passwords that are simple words, dictionary words, or variations of common words or phrases should never be used as a password. These can be guessed by an attacker.
Use a password manager
For most users, password managers like 1password and LastPass are a great way to manage and securely store their passwords. In addition, these password managers can generate unique passwords on your behalf that you can use on Roll.
We strongly encourage all Roll users to enable 2FA. This protects your account even if your password is compromised. You can read about enabling 2FA on Roll here.
Contact support if your email is compromised or you notice any suspicious activity
If you notice any suspicious activity on your account or if your email address is compromised, please contact us immediately at support at tryroll dot com.