Getting Started

WeTheNorth Market Registration Guide

Complete walkthrough for creating your WeTheNorth Market account with maximum security. Follow these steps carefully to protect your anonymity and funds.

✅ Prerequisites - Complete These First

Before registering on WeTheNorth Market, ensure you have:

🌐 Tor Browser Configured

Downloaded from torproject.org, security level set to "Safest", JavaScript disabled. Never use regular browsers for .onion sites.

🔒 VPN Active

VPN connected before launching Tor (Mullvad/IVPN/ProtonVPN recommended). Kill switch enabled to prevent leaks.

🔐 PGP Keys Generated

Public/private key pair created with 4096-bit RSA. Public key exported and ready to paste. Private key backed up securely.

🔑 Password Manager Ready

KeePassXC or similar password manager installed. Prepared to generate strong, unique password (20+ characters recommended).

⚠ī¸
Security Warning: If you haven't completed Security Fundamentals and PGP Encryption guides, STOP and read those first. Proceeding without proper setup compromises your anonymity.

🔗 Step 1: Access WeTheNorth Market Safely

  1. Verify Official Mirror Link:
  2. Copy .onion Address: Copy primary mirror link (e.g., wethenorthmarket1abc.onion)
  3. Paste into Tor Browser: Open Tor Browser, paste link into address bar
  4. Verify You're on Real Site:
    • Check URL matches exactly (one character difference = phishing)
    • Look for professional design (phishing sites are often poorly made)
    • Real WeTheNorth has Canadian theme (maple leaf branding)
  5. Bookmark Verified Link: Once confirmed legitimate, bookmark in Tor Browser (never search again)

📝 Step 2: Create Your Account

  1. Click "Register" or "Sign Up": Usually in top-right corner of homepage
  2. Choose Username:
    • Use pseudonym (NEVER real name or existing online handles)
    • Avoid patterns: Don't use same username as clearnet accounts
    • Example: "MapleUser2025", "CanadianBuyer47" (generic, untraceable)
    • Username is public - vendors see it, so choose wisely
  3. Generate Strong Password:
    • Use password manager to generate random 20+ character password
    • Mix uppercase, lowercase, numbers, symbols
    • Example: K7$mP9#qL2@nX4!wR6^tY8*
    • NEVER reuse passwords from other sites
    • Save password in password manager immediately
  4. Security PIN (if required):
    • Some markets require 6-digit PIN for withdrawals
    • Generate random PIN (don't use birthday, phone number)
    • Store in password manager alongside password
  5. Login Phrase / Mnemonic Code:
    • WeTheNorth generates random mnemonic phrase (e.g., "purple elephant dancing")
    • CRITICAL: Write this down immediately
    • This phrase appears on real WeTheNorth login page (phishing sites can't show it)
    • Used to verify you're on legitimate site every login
    • Store in password manager AND write on paper (offline backup)
  6. Complete CAPTCHA: Solve anti-bot challenge (usually simple text/image CAPTCHA)
  7. Click "Register" or "Create Account"
✓
Account Created! You should see confirmation message and be redirected to account settings or homepage. If registration fails, check username isn't already taken.

🔐 Step 3: Configure Security Features (CRITICAL)

Immediately after registration, configure these security features:

A) Add PGP Public Key

  1. Navigate to Settings → Security or Profile → PGP Key
  2. Copy your entire PGP public key (from Kleopatra/GPG Keychain): 
    -----BEGIN PGP PUBLIC KEY BLOCK-----
(your key here)
-----END PGP PUBLIC KEY BLOCK-----
  3. Paste into PGP Public Key field
  4. Click "Verify" or "Save"
  5. Marketplace may send encrypted test message - decrypt it to verify key works
⚠ī¸
Required for Orders: WeTheNorth requires valid PGP key before allowing orders. Without it, you cannot purchase anything.

B) Enable 2FA (Two-Factor Authentication)

  1. Navigate to Settings → Security → 2FA / Two-Factor Authentication
  2. Choose 2FA Method:
    • PGP 2FA (RECOMMENDED): Market encrypts 2FA code with your PGP key. You decrypt it on login. Most secure, requires PGP.
    • TOTP (Time-Based OTP): Use authenticator app (Aegis, andOTP on mobile; KeePassXC on desktop). Generates 6-digit codes.
  3. For PGP 2FA: Enable it, marketplace will send encrypted code on each login
  4. For TOTP 2FA:
    • Scan QR code with authenticator app (or manually enter secret key)
    • Enter 6-digit code from app to confirm setup
    • BACKUP SECRET KEY: Store secret key in password manager (allows recovery if phone lost)
  5. Save Backup Codes: Marketplace provides 5-10 backup codes for account recovery
    • Copy ALL backup codes to password manager
    • Write on paper and store securely (offline backup)
    • If you lose 2FA access, these codes are ONLY way to recover account

C) Set Anti-Phishing Image

  1. Navigate to Settings → Security → Anti-Phishing Image
  2. Choose unique image from marketplace gallery (or upload custom image if allowed)
  3. Select distinctive image you'll remember (not generic)
  4. How It Works:
    • Your chosen image displays on login page BEFORE you enter password
    • If image is missing or wrong = phishing site (DO NOT LOGIN)
    • Phishing sites can't show your image because they don't know which you chose

D) Withdrawal PIN (if not set during registration)

  1. Settings → Security → Withdrawal PIN
  2. Create 6-digit PIN for withdrawing funds (different from login password)
  3. Store in password manager
  4. Required every time you withdraw XMR from marketplace to external wallet

✅ Step 4: Test Your Security Setup

Before making first order, verify everything works:

1ī¸âƒŖ Test PGP Encryption

  • Navigate to a vendor profile
  • Copy vendor's PGP public key
  • Encrypt test message: "This is a test"
  • If encryption works, your PGP setup is correct

2ī¸âƒŖ Test 2FA Login

  • Logout of marketplace
  • Login again with username + password
  • Enter 2FA code (from PGP decrypt or TOTP app)
  • Verify login succeeds

3ī¸âƒŖ Verify Anti-Phishing Image

  • Logout and return to login page
  • Confirm your chosen image displays
  • Memorize this image (check it EVERY login)

4ī¸âƒŖ Check Mnemonic Code

  • On login page, verify your mnemonic phrase appears
  • Should match phrase you wrote down during registration
  • If different phrase = phishing site

⚙ī¸ Recommended Account Settings

Optimize these settings for security and privacy:

Privacy Settings:

  • Hide Online Status: Enable if available (prevents tracking of login patterns)
  • Disable Order History Logging: Some markets allow this - reduces forensic evidence
  • Auto-Logout Timer: Set to 15-30 minutes of inactivity (protects if you walk away from computer)

Notification Settings:

  • Disable Email Notifications: If marketplace allows email, disable it (no email = no email leaks)
  • Enable On-Site Notifications: For vendor messages, order updates (check while logged in)

Display Settings:

  • Currency Display: Set to preferred currency (USD, CAD, EUR) for price display
  • Timezone: Set to your timezone or UTC (for easier tracking of order timestamps)

✅ Post-Registration Security Checklist

Verify you've completed all critical security steps:

  • ☑ Account created with strong, unique password (20+ characters)
  • ☑ Password saved in password manager
  • ☑ Mnemonic phrase written down and stored securely
  • ☑ PGP public key added to account settings
  • ☑ PGP encryption tested (can encrypt/decrypt messages)
  • ☑ 2FA enabled (PGP 2FA or TOTP)
  • ☑ 2FA backup codes saved (password manager + paper backup)
  • ☑ Anti-phishing image set and memorized
  • ☑ Withdrawal PIN created and saved
  • ☑ Login tested successfully with 2FA
  • ☑ Mnemonic code verified on login page
  • ☑ .onion link bookmarked in Tor Browser

🔧 Common Registration Issues

❌ "Username Already Taken"

Solution: Try different username. Add numbers/underscores (e.g., CanadianBuyer_2025).

❌ CAPTCHA Keeps Failing

Cause: Tor Browser security settings may interfere.
Solution: Try different Tor circuit (New Identity), or temporarily lower security level to "Safer" (change back to Safest after registration).

❌ "Invalid PGP Key"

Cause: Key format incorrect or incomplete.
Solution: Ensure entire key is copied (including BEGIN/END lines). Try exporting again from Kleopatra.

❌ Registration Page Not Loading

Cause: Mirror might be down, or circuit issue.
Solution: Try different mirror link from /mirrors page. Request new Tor circuit (New Identity).

🚀 What's Next After Registration?

  1. Don't Order Immediately: New accounts may have restrictions (deposit limits, escrow-only orders)
  2. Acquire Monero (XMR): Follow Monero Payment Guide to buy crypto anonymously
  3. Research Vendors: Check vendor ratings, reviews, Dread forum reputation (/d/WeTheNorth)
  4. Make Small Test Order: First order should be small quantity from established vendor (build trust)
  5. Understand Escrow: Read Escrow System Guide before depositing funds
  6. Never Finalize Early: WeTheNorth prohibits FE (Finalize Early) - use escrow for all orders
💡
Pro Tip: Spend 1-2 days exploring marketplace, reading guides, and researching vendors BEFORE making first order. Patience reduces mistakes and scam risk.

Continue Your Journey

Registration complete! Now learn how to acquire Monero and understand the escrow system.

Monero Payment Guide Escrow System Guide