The game has been criticized for initially lacking security features ubiquitous on other sites, like two-factor authentication. On October 19, 2020, a vulnerable security flaw was discovered that exposed the phone number linked to a player’s account during the password recovery attempt on the miHoYo website, however the issue was not rectified until November 9, 2020. miHoYo has issued notices following the wake of security exposures, informing players to be careful about sharing account details and to bind their account to their email address and phone number. In May 2021, two-factor authentication was added whenever the player signs in on a new device.
Similar to other online games, the game uses an anti-cheat system implemented by a kernel driver. The driver is used to prevent other programs from performing code injection, memory inspection, and other process manipulation. Originally, the anti-cheat driver would remain loaded after the game exited. This issue was rectified shortly after the game’s release, and now unloads as soon as the game exits.