Safety centre logo

Our app is designed to protect you - make sure you only ever buy and sell within the app

Keeping your account safe

Keeping your account safe

Password safety

It’s important to keep your login details secure, so that only you can access your account. There are three main things you need to do to keep your account safe.

  1. Use a strong, unique password
  2. Set up two-factor authentication
  3. Keep an eye out for suspicious emails

Depop Passwords?

Our passwords require:

  • Both capitals and lowercase letters
  • Numbers
  • Symbols like $, & and !
  • Length - at least 12 characters or longer

How do I pick a safe password?

We like our passwords the way we like our style – a bit random. Think outside the box.

Heads up – 82% of compromised passwords start with an uppercase letter. Also – don’t use the same password across multiple apps and websites.

Remember that weak passwords are:

  • Easy to guess – like "password", or a variation (like “P@ssw0rd12345”)
  • Your name, your pet or partner’s name
  • A string of numbers or letters like “1234” or "abcd"
  • Your phone number, your license plate number or a birthday
  • Passwords of all the same letter, or containing repetitions (i.e. "John!!!!!!Doe")
  • Incremental series of characters (i.e. "Welcome123456789")
  • A word that can be found in the dictionary (i.e. "SunflowerXPTO")
  • Repetitions of the same password (i.e. "Polik678Polik678Polik678")
  • Default passwords, even if they seem strong

Keep it extra safe by:

  • Using several words, i.e. a passphrase. A passphrase is a sentence, or a set of words like: “The road to success is always under construction!”. Learn more and generate your own, secure passphrases here.
  • Downloading a password manager that automatically stores and remembers strong passwords for you.

What’s two-factor authentication and why should I use it?

Two-factor authentication is a way to make sure that you’re really you when you sign into your account. It uses something you know - your password - and something you have - usually your phone - to double check your identity. Two-factor authentication is much more secure than a password alone, and it’s really easy to set up. Find out how here.

Spotting suspicious emails

Hackers will sometimes try to get access to your account through phishing emails.



The criminal practice of sending emails pretending to be from a trusted sender, like a bank or a really cool online marketplace for unique fashion, to obtain personal information, like bank details, credit card numbers, and passwords.

Eg, ‘I’m pretty sure my bank doesn’t usually call me “bestie,” this might be a phishing email.’

There are a few ways to tell whether an email claiming to be from Depop is legit.

  • All proper Depop emails come from an email address. Make sure you double check the sender’s address.
  • Heads up - we’ll never email asking you to share personal info or account details through another website or outside of our app.

If you get a suspicious email, don’t click on any links or attachments. Instead, take a screenshot and send it to our Help Centre here.

If you have clicked on a link or attachment, it’s a good idea to get in touch with your bank or credit card company to tell them your details have been compromised.

Help, my account has been hacked!

Unfortunately, sometimes hackers do try to steal your passwords to get access to your online accounts. If this happens, you might not realise straight away. Signs that your Depop account has been hacked could include:

  • Strange listings
  • Notifications you can’t explain
  • Other activity you don’t remember doing

If you think something is up, report it immediately via our Help Centre here. If your account has been hacked, we’ll block it immediately, then help you reset your access.

Still have more questions?