Welcome Bonus 100% match up to £500 plus 100 free spins for new players Claim Now →
Login Sign Up

Signing in to Fortunica Casino UK

Everything you need to know about accessing your account — supported login methods, session security, two-factor authentication, password recovery and what to do if you get locked out.

How to log in

Logging in to Fortunica Casino UK takes a few seconds. Open the official site, tap Log in in the top-right corner and enter the credentials you set during registration. If you saved your login details in your browser or password manager, autofill should work normally — the sign-in form uses standard HTML autocomplete attributes and does not block password managers.

Sessions are stored per device. Signing in on a new phone, tablet or laptop does not kick you out of other devices, but you will be asked to re-verify through 2FA (see below) the first time a new device connects. This is the same approach used by most major UK operators and is a baseline expectation under the Gambling Commission's safer-gambling guidance.

Open the login page

Supported sign-in methods

Email + password

The default method. Your email doubles as the primary contact for verification codes, withdrawal confirmations and responsible-gaming notices. Use a unique password that you do not reuse on any other site.

Username + password

If you chose a display name at sign-up, you can use it instead of your email. Usernames are case-insensitive and cannot be changed after verification, so pick something you are comfortable seeing in leaderboards and tournament feeds.

Biometric unlock (mobile)

On modern iOS and Android devices you can opt in to Face ID, Touch ID or fingerprint unlock after your first successful login. The biometric data never leaves your device — it unlocks a stored session token locally.

Magic link (backup)

If your password manager fails or you are signing in on a one-off device, request a one-time magic link to the email on file. The link expires after 10 minutes and can only be used once. It is not a replacement for a proper password but works as a recovery path.

Two-factor authentication (2FA)

Two-factor authentication is strongly recommended and is mandatory before your first withdrawal. It adds a second verification step on top of your password so that a leaked credential alone cannot drain your balance.

  • SMS code: a 6-digit code is sent to your registered mobile number. Fast and convenient but relies on your carrier's security. If your phone is lost or your SIM is swapped, SMS 2FA can be bypassed — use it as a starting point, not a long-term solution.
  • Authenticator app: use Google Authenticator, Authy, 1Password, Bitwarden or any TOTP-compatible app. Scan the QR code once during setup and generate rolling 6-digit codes offline. This is the safest widely-available option.
  • Email codes: an automatic fallback if SMS delivery fails. Works on any device with email access but is weaker than an authenticator app because it depends on the security of your mailbox.
  • Hardware keys: FIDO2/WebAuthn security keys (YubiKey, Google Titan) are supported on the desktop web client for high-balance accounts. Contact support if you want this enabled — it requires additional identity verification.

Once 2FA is on, every new device and every withdrawal request will trigger a challenge. Trusted devices can be remembered for 30 days if you tick the relevant box; after that, the challenge reappears automatically.

Forgot your password?

The reset flow is standard. On the login screen click Forgot password?, enter the email address on your account and check your inbox. A time-limited reset link arrives within a minute. The link expires after 30 minutes — if it lapses, simply start the flow again.

For security reasons, password reset cannot be initiated over live chat or email. Support cannot set a new password for you and will never ask for your current password. If an agent ever does, assume a phishing attempt and close the conversation.

Choose a new password with at least 10 characters mixing letters, numbers and one symbol. Avoid dictionary words, your name, your date of birth or any password you use elsewhere. A password manager makes this painless.

Account locked or can't sign in?

Repeated failed login attempts trigger a temporary lockout. This is a safety measure, not a punishment — it exists to slow down brute-force attacks against your account.

  • 5 failed attempts in 15 minutes — 30-minute cool-down. Wait it out and try again, or use the password reset flow.
  • 10 failed attempts in 24 hours — the account is soft-locked. You will need to verify by email or contact support to unlock.
  • Suspicious-activity lock — triggered by login attempts from new countries, Tor exit nodes or obviously automated sources. Requires an identity check (ID document) to release.
  • Self-exclusion or GAMSTOP lock — permanent during the chosen period. These cannot be lifted early, even by the operator, by design.

If none of the above apply and you still cannot sign in, reach out to 24/7 live support. Have your registered email, approximate last-login date and the last four digits of your payment method ready so the agent can identify you quickly.

Session security at a glance

Encrypted in transit

Every page, API call and WebSocket uses TLS 1.3. Login credentials and session cookies are never sent over unencrypted connections, and the site is hard-redirected to HTTPS.

Short-lived tokens

Your session token rotates periodically and is invalidated immediately on logout. Stolen tokens have a narrow window of usefulness and cannot be used to change your password or withdraw funds on their own.

Device list

Inside Account → Security you can see every device currently signed in, with country, browser and last-activity timestamp. Revoking a device kills the session instantly.

Activity alerts

Login from a new country, password changes and 2FA updates all trigger an email to your registered address. If you receive one you did not initiate, change your password and contact support straight away.

Good habits for UK players

  • Never share your password — support will never ask for it, and no legitimate third-party service needs it.
  • Enable 2FA before you make your first deposit, not after. It is easier to set up on a fresh account.
  • Use a password manager. Remembering one master passphrase is safer than reusing a weak password across sites.
  • Log out of shared or public computers and revoke the session from the device list when you get home.
  • If you are taking a break, use the cooling-off, self-exclusion or GAMSTOP tools rather than just changing your password.

If you want to explore promotions instead of signing in right now, jump to the bonuses page or read the FAQ for answers to common account questions.

Ready to sign back in?

Head to the official login screen to access your balance, claim active promotions and request withdrawals.

Go to login