Cold Accounts
Cold owner/admin accounts are critical for securing your Discord server!
If your server is ever compromised, the first step (of several) is to have every admin/mod reset their password. Resetting a password regenerates that user's Discord token and can kick the hacker out of a compromised account.
The Good Knight team's opinion is that this is the single most important concept for Discord security. Any account with Administrator permissions is a high value target for hackers since it allows a user to add/remove bots, webhooks, channels, users, and messages in addition to tagging @everyone. A hacker with these permissions can stop many mitigation attempts and can nuke a server. If the hacker compromises the owner account, it's basically all over for the server.
For every user that has Administrator permissions (owner/admin) in a server, it is recommended that they have two accounts:
Cold Account - The account with Administrator permissions. This account is only online to complete major server management tasks like adding bots, managing webhooks, or adding/deleting channels. Otherwise, the account is offline (cold 🥶).
Hot Account - The account that a server owner/admin uses for day-to-day Discord activity. This account should not have Administrator permissions.
While you could use a single Cold Owner account and avoid assigning Administrator permissions to anyone else, that may leave your server vulnerable if a hacker strikes while you're asleep. It is recommended to set up multiple Cold Admin accounts to cover all time zones.
Setting this up can be as easy as creating a second Discord account, but for secure servers it will require a few extra steps. If the Require 2FA for Moderator Accounts setting is enabled in the Safety Setup tab, any user with moderation power must have two-factor authentication enabled. This means that both your Cold Account and Hot Account will need 2FA. We highly recommend enabling this setting.
Also, we recommend adding a phone number to the cold account. Discord has been known to suspend new accounts that take over server ownership without phone verification. This means you'll need access to a second phone. Note: most VoIP numbers don't work. If your server's Safety Verification Level is set to Highest, Discord will require a registered phone number for your alternate account and will not let you use a number more than once.
Make sure the new account has some history on Discord (sent messages, a created server, joined servers) before you make it your server owner. This prevents Discord from assuming the new account is a bot and locking the account.
Below is a theoretical role hierarchy for a Discord server.
Cold Admins are at the top. Users with the Cold Admin role are the only users that should have the Administrator permission. The Cold Server Owner account does not need a role because it has the highest level by default.
Good Knight bot is next, above the other bots.
Other security and moderation bots are 3rd. These bots may require Administrator permissions. ⚠️ If any bot is above Good Knight, there's a risk that a hacker could use the bot to kick Good Knight!
Staff and Moderators follow. These are active team accounts that should not have Administrator permissions but may have access to security and moderation features through bot commands.
The general server Members follow and should have the minimal permissions needed
Other Bots are last. The bots in this category have specialized use cases like meme-ing, website feeds, games, etc. In most cases, it is best practice not to create a special role for these bots. Instead, add them to the Members role and address their permissions individually.
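The hierarchy above can be checked mechanically rather than by eye. The following is an added example written for this page, not code from the Good Knight project: it models roles the way Discord exposes them (a position, where a higher number sits higher in the role list, and a permissions bitfield in which Administrator is bit 3) and audits a constructed role list against the rules stated above. The role names, the `kind` labels and the two sample layouts are assumptions made for the example; a real audit would read the roles from the Discord API instead of from inline data.

```python
"""Audit a Discord role hierarchy against the Cold Admin layout described above.

Constructed example: roles are modelled as (name, position, permissions, kind).
The data is inline so the checks run offline; a real audit would load roles
from the Discord API and feed them to audit_hierarchy().
"""
from dataclasses import dataclass

# Discord permission flags (bit positions in the permissions bitfield).
KICK_MEMBERS = 1 << 1
BAN_MEMBERS = 1 << 2
ADMINISTRATOR = 1 << 3
SEND_MESSAGES = 1 << 11
MANAGE_MESSAGES = 1 << 13
MANAGE_ROLES = 1 << 28


@dataclass(frozen=True)
class Role:
    name: str
    position: int     # higher number = higher in the role list
    permissions: int  # Discord permissions bitfield
    kind: str         # assumed label: admin, good_knight, security_bot, staff, member, other_bot


def has_admin(role: Role) -> bool:
    """True if the role's bitfield includes the Administrator flag."""
    return bool(role.permissions & ADMINISTRATOR)


def audit_hierarchy(roles, admin_role="Cold Admin", guard_role="Good Knight"):
    """Return a list of findings; an empty list means the layout matches the guide."""
    findings = []
    by_name = {r.name: r for r in roles}

    # Rule 1: only the Cold Admin role (and security bots that truly need it) may hold Administrator.
    for r in roles:
        if has_admin(r) and r.name != admin_role and r.kind != "security_bot":
            findings.append(f"{r.name!r} has Administrator but is not {admin_role!r}")

    # Rule 2: the Cold Admin role must be the top role.
    top = max(roles, key=lambda r: r.position)
    if top.name != admin_role:
        findings.append(f"top role is {top.name!r}, expected {admin_role!r}")

    # Rule 3: no bot role may sit above the guard bot, or it could be used to remove the guard.
    guard = by_name.get(guard_role)
    if guard is None:
        findings.append(f"{guard_role!r} role not found")
    else:
        for r in roles:
            if r.kind in ("security_bot", "other_bot") and r.position > guard.position:
                findings.append(f"bot role {r.name!r} is above {guard_role!r}")

    return findings


# Constructed layout that follows the guide.
GOOD_ROLES = [
    Role("Cold Admin", 6, ADMINISTRATOR, "admin"),
    Role("Good Knight", 5, KICK_MEMBERS | BAN_MEMBERS | MANAGE_ROLES, "good_knight"),
    Role("Security Bot", 4, ADMINISTRATOR, "security_bot"),
    Role("Moderator", 3, KICK_MEMBERS | BAN_MEMBERS | MANAGE_MESSAGES, "staff"),
    Role("Member", 2, SEND_MESSAGES, "member"),
    Role("Meme Bot", 1, SEND_MESSAGES, "other_bot"),
]

# Constructed layout with two mistakes: a fun bot parked above Good Knight with
# Administrator, and a moderator role that was handed Administrator.
BAD_ROLES = [
    Role("Music Bot", 7, ADMINISTRATOR, "other_bot"),
    Role("Cold Admin", 6, ADMINISTRATOR, "admin"),
    Role("Good Knight", 5, KICK_MEMBERS | BAN_MEMBERS | MANAGE_ROLES, "good_knight"),
    Role("Moderator", 3, ADMINISTRATOR | MANAGE_MESSAGES, "staff"),
    Role("Member", 2, SEND_MESSAGES, "member"),
]


if __name__ == "__main__":
    for label, roles in (("good", GOOD_ROLES), ("bad", BAD_ROLES)):
        print(f"{label}: {audit_hierarchy(roles) or 'no findings'}")
```

Running the block prints no findings for the first layout and four for the second (the Music Bot trips three rules at once, the Moderator role one). Re-running the audit after every role change catches the case the warning above describes, where a bot quietly ends up above Good Knight.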