# Security tips

## Keep your recovery phrase private

Never share your secret recovery phrase. Anyone with the phrase can restore and control the same account.

Lollipop will never ask you for your secret recovery phrase.

## Store the phrase somewhere safe

Write the phrase down and keep it somewhere private. Do not store it somewhere other people can access.

## Understand what the password protects

Your password unlocks the encrypted account stored on this browser and device.

If you forget the password, you must restore the account with the recovery phrase.

## Read requests before approving

Only approve requests you expected and understand. Reject anything unexpected.

![Login request screen](/files/VbddJD4RMM7DlL3AFYDe)

The request screen gives you a final chance to approve or reject the action.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.lollipop.gg/lollipop-authenticator-for-chrome/security-tips.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.