The website is for identity, billing, marketplace ownership, downloads, and guarded Remote Trading Center command coordination. The desktop app is where exchange connection, strategy work, AI provider keys, and trading control happen.
SecurityCore idea API keys Account access
Security boundaries built for local execution control.
OttoTrader separates account services from desktop execution so sensitive trading credentials can stay on the user's machine.
Use dedicated read/trade keys only. Never connect withdrawal-enabled keys.
Email confirmation and authenticator setup keep sensitive website actions protected.
Your trading setup should not feel like handing the cockpit to a website.
OttoTrader separates account management from execution so the website supports the workflow without becoming the place where your exchange keys live.
Security improves when the operator stays involved.
You still choose exchanges, API permissions, strategy risk, and live deployment. OttoTrader gives you a cleaner control surface for those decisions.
Security model
The important controls are separated on purpose.
OttoTrader avoids the riskiest pattern: one hosted web account holding identity, billing, exchange keys, AI prompts, automation, and execution all at once.
Exchange keys stay local
The website does not collect or expose exchange API secrets. Use read/trade permissions only and never enable withdrawals.
Desktop-controlled execution
Live Real execution runs through the desktop after user-directed context, strategy, and risk decisions.
Website account protection
Use email confirmation, password controls, authenticator MFA, and recent verification for sensitive website actions.
Guarded RTC
Remote Trading Center requires desktop presence, Test Connection, freshness checks, MFA for live-impacting actions, and desktop-side validation.
Credential storage
On Windows, supported credentials can use Windows Credential Manager where configured.
Clear user responsibility
OttoTrader provides software, not custody, brokerage, managed accounts, portfolio management, or investment advice. You keep control of accounts, permissions, strategies, and live decisions.
Compared with hosted trading services
Security is not just a login screen.
The safer posture comes from where sensitive work happens, what permissions are required, and how much control the operator keeps.
Common pattern
Many hosted trading services ask you to place exchange keys, automation, and account control in one web service.
OttoTrader
OttoTrader keeps the trading workspace desktop-first and uses the website for account, billing, marketplace, and optional remote-command coordination.
Common pattern
Many AI trading tools blur the line between suggestion, signal, and execution.
OttoTrader
OttoTrader treats AI output as a draft. The strategy still needs review, validation, and explicit operator control before it matters.
Common pattern
Many tools make safety feel like a checkbox after the strategy is already live.
OttoTrader
OttoTrader puts demo mode, validation reports, protection checks, and live controls directly in the workflow.
Before live trading
Start in Demo, keep API permissions narrow, and validate first.
OttoTrader can make the workflow more controlled, but live trading still carries risk. Read the setup guidance, use Demo first, and only connect exchange keys you understand and can revoke.