Sign In to King Hills Casino
Logins happen on the official King Hills site, never here. We do not collect, store or process any account credentials. This page explains how to sign in safely and what to do if access goes wrong.
King Hills Casino is operated by Pointissimo B.V. under Curacao licence 8048/JAZ-2019-049. All login activity, account changes, deposits and withdrawals take place on the operator's own domain, secured with TLS encryption. This page is part of an independent UK guide and does not host a real login form. Anyone landing on a "King Hills login" form outside the official domain should close the tab immediately.
To sign in, click the "Go to Official Login" button above. You will be redirected to the live King Hills site, where you can enter the email and password you registered with. If two-factor authentication is enabled on your account, you will be prompted for a verification code. Always confirm the address bar shows the official domain before typing your password.
Forgot your password? Use the "Reset password" link on the operator's login screen. A reset email is sent to the address tied to your account, normally within a few minutes. Check spam if it does not arrive. If your inbox is no longer accessible, contact King Hills support; they will run identity verification before any change to recover the account.
It is worth being plain about jurisdiction. King Hills' own terms list the United Kingdom among the countries whose residents are not permitted to deposit or play for real money, alongside the United States, Spain, France, the Netherlands, Israel and several others. This independent guide therefore exists to document the brand's login flow for informational purposes and for travellers or expats who legitimately hold an account elsewhere — it is not a workaround. If you are tax-resident in the UK, a UKGC-licensed casino is the appropriate choice.
Login security checklist
Use a unique password
Generate it with a password manager. Reusing a password from another site is the single biggest reason gambling accounts get hijacked.
Turn on 2FA
Where the operator offers two-factor authentication, enable it. An authenticator app is safer than SMS where both options exist.
Check the domain
Phishing pages often clone branding pixel-perfect. Bookmark the real King Hills login URL and only sign in from that bookmark.
Avoid public Wi-Fi
Never sign in from open hotel or cafe Wi-Fi without a trusted VPN. Mobile data is usually safer for cashier and login screens.
Beyond the four habits above, treat your login e-mail address with the same care as the password itself. If a phisher gains access to that inbox, the King Hills password-reset link can be intercepted regardless of how strong the casino password is. Apply two-factor authentication to your e-mail provider first, switch on log-in alerts, and review any active sessions or app passwords periodically.
King Hills support communicates from operator-controlled e-mail addresses and from the on-site live chat only. No legitimate agent will ask for your password, the full long number on your card, your full PIN, or a screen-share into your banking app. If anyone contacts you claiming to be from King Hills and requests those details, end the conversation and report it via live chat the next time you sign in.
Sign in on the official site
We never ask for your password. The button below opens the King Hills Casino login on the operator's own domain. 18+ only. Curacao licence 8048/JAZ-2019-049. Play responsibly. BeGambleAware.org.
To repeat the boundary clearly: this page is not a login portal. It is part of an independent UK review and contains no form fields, cookies or scripts that can capture an e-mail or password. The "Open Official Login" button is a plain outbound link to the operator's own kinghills.com sign-in screen, where the genuine TLS-secured form lives and where Pointissimo B.V. handles authentication under its Curacao licence.
If you are signing in primarily to manage your play rather than to gamble, head straight for the Responsible Gaming section once authenticated. Deposit limits, loss limits, session reminders, time-out periods and self-exclusion can all be set from inside the account, and the operator points players to GamCare and GambleAware for additional support.
Step-by-Step Login Walkthrough
A complete journey from "I want to sign in" to "I am inside the cashier", written for first-time visitors and returning players alike. None of the steps below are performed on this page; they describe what you will see when you reach the operator's own kinghills.com domain.
Open the official site
Type kinghills.com into the address bar yourself, or use the bookmark you saved after registration. Avoid clicking unknown links from email or social ads.
Verify the padlock
Confirm the browser shows a closed padlock and the address begins with https://. The certificate should be issued to kinghills.com, not to a look-alike domain.
Click Login
The Login button sits in the top-right corner on desktop and inside the hamburger menu on mobile. A modal slides in with two fields: email and password.
Enter your email
Use the address you registered with. King Hills uses email rather than a separate username, which keeps the login surface narrow and reduces guess-the-username attacks.
Enter your password
Paste from your password manager rather than typing. The eye icon toggles visibility briefly so you can sanity-check the value before submitting.
Two-factor challenge
If 2FA is enabled, an email-delivered code arrives within seconds. Enter the six-digit value within its expiry window — usually ten minutes — to complete the sign-in.
Land on the dashboard
The lobby loads with your balance, recent activity and any open promotions. Pinned tiles include Cashier, Bonuses, Game Lobby and Account.
Confirm session details
Glance at the Account > Activity panel to confirm the previous login matches your last known sign-in. Anything unfamiliar should trigger an immediate password change.
Log out cleanly
When you finish, choose Log out rather than just closing the tab. This invalidates the session token and prevents anyone with the device from resuming play.
Login Methods Compared
King Hills keeps the sign-in surface deliberately narrow. Below is how the available options measure up, and which is missing relative to bigger UKGC-licensed brands.
| Method | Available | Convenience | Security |
|---|---|---|---|
| Email + password | Yes (default) | High | Strong with 2FA on email |
| Username + password | No | N/A | N/A |
| SMS one-time code | Not standard | Medium | Vulnerable to SIM-swap |
| Email-delivered 2FA | Yes | Medium | Strong if email is hardened |
| Authenticator app (TOTP) | Not advertised | High | Very strong |
| Biometric (device-level) | Browser autofill only | Very high | Depends on device |
| Social login (Google/Facebook) | No | N/A | N/A |
| Passkey / WebAuthn | Not advertised | Highest | Strongest available |
Two-Factor Authentication Setup
Email-delivered 2FA is the standard option at King Hills. This is the path we recommend every player walks, because the most expensive accounts to lose are always the ones secured by a single password.
Open Account > Security
After signing in, click your avatar in the top-right and choose Account. Inside the sidebar look for the Security or Login Settings tab. The 2FA toggle lives there.
Confirm your email
Because the second factor is delivered to your inbox, the operator first sends a confirmation code to make sure the email on file is actually controlled by you.
Toggle 2FA on
Flip the switch to Enabled and accept the prompt. From this point onwards every login from a new device or new IP will require an email verification code.
Test on a second device
Sign out and sign back in from a second browser or your phone. If the code arrives and works, the feature is correctly active. If not, contact support before relying on it.
Harden the email account
Apply 2FA to your Gmail, Outlook or ProtonMail account too — ideally with an authenticator app. The casino code is only as safe as the inbox it lands in.
Document recovery options
Note in your password manager which email serves the casino, and confirm that recovery options on the email account itself are current and accessible.
Password Best Practices
A password chosen well takes minutes; a password chosen badly costs hours of dispute and possibly the entire balance. The five habits below cover ninety per cent of the risk.
Length over complexity
Sixteen random characters beats eight characters with symbols. Modern hardware cracks short passwords in seconds even when they look "complex".
Mix character classes
Upper case, lower case, digits and symbols. The King Hills sign-up form enforces a sensible minimum, but going further than the minimum is always free.
Use a password manager
Bitwarden, 1Password, KeePass, iCloud Keychain — any of them is a vast improvement over re-using one password across sites. Generate a fresh one for each casino.
Never reuse
If your eBay password leaks, the attacker will try the same value on every casino. Reuse is the single biggest cause of "I was hacked even though I have nothing wrong".
Rotate after incidents
When haveibeenpwned.com flags an old breach involving your email, rotate the casino password as well — even if the leaked breach was unrelated.
Never share verbally
A genuine support agent will never ask for the password, full card number or PIN. If anyone asks for these in chat or by phone, end the conversation.
Avoid personal facts
Pet names, birthdays, partner names and football clubs all live in your social media profile. Treat them as known to attackers and exclude them from passwords.
Beware clipboard hijack
On shared computers, clipboard managers can capture pasted passwords. Sign in only on devices you control and clear clipboard history after sensitive operations.
Lock the master vault
If your password manager is unlocked all day, an attacker with five minutes at your desk gets every casino credential. Auto-lock after fifteen minutes of idle.
Account Recovery Walkthroughs
Three of the most common scenarios when access goes wrong, with step-by-step recovery routes. If your situation does not match any of these, write to support with a full description and they will route the ticket to the right team.
Forgot password
- Open the Login modal on the official site.
- Click "Forgot password?" beneath the form.
- Enter the email address registered to the account.
- Check your inbox (and spam) for a reset link.
- Open the link on the same browser within ten minutes.
- Choose a fresh, manager-generated password.
- Sign in to confirm the change worked.
Locked account
- Wait fifteen minutes if it was an automatic lock.
- Try one more login from your usual device.
- Open live chat and quote the registered email.
- Confirm date of birth and registration year.
- Submit any pending KYC documents requested.
- Wait for the support reply with unlock confirmation.
- Change the password as soon as you regain access.
Lost 2FA inbox
- Stop login attempts to avoid further lockouts.
- Try to recover the email account first via its provider.
- If recovery fails, write to King Hills support from a new address.
- Provide passport scan and proof of address.
- Answer security questions tied to the account.
- Wait 24-72 hours for manual KYC review.
- Re-enable 2FA on the new email immediately.
The recovery flows above are deliberately gated by identity verification. That can feel slow, but the gating is exactly what stops a stranger with your guessed password from rotating the email and locking you out for good. If you find yourself impatient, the right reaction is to make sure your registered email is one you will hold for years, not the throwaway you used in 2019.
One more practical note: do not delete the casino reset email until the new password is confirmed working. The link is single-use, but having the timestamp visible in your inbox helps support reconstruct the timeline if anything later goes wrong with the account.
Common Login Errors and Fixes
If the sign-in screen rejects your credentials, the message will usually narrow down the cause. Below is a translation table for the most frequently seen errors.
| Error message | Likely cause | Fix |
|---|---|---|
| Invalid email or password | Mistyped value or capitalisation mismatch | Paste from password manager; check Caps Lock |
| Account temporarily locked | Too many failed attempts in a short window | Wait 15 minutes, then use Forgot password |
| Service not available in your country | IP geolocation falls inside a restricted territory | Travel-related; do not use VPN to bypass terms |
| Account suspended | Manual hold for KYC, AML or T&Cs review | Contact support; supply requested documents |
| Verification code expired | 2FA code unused beyond its window | Click "Resend code" and enter immediately |
| Account not found | Wrong email — possibly a typo or duplicate signup | Search inbox for the original welcome email |
| Self-exclusion in effect | Active SE period has not yet expired | Honour the cooling-off; request support if a mistake |
| Connection timed out | Slow network or congested Wi-Fi | Switch to mobile data or another network |
| Maintenance in progress | Scheduled platform update | Wait 15-60 minutes; check the operator's status page |
| Suspicious activity detected | Unusual IP, device fingerprint or velocity | Verify identity via email; sign in from usual device |
Browser and OS Compatibility
King Hills runs in any current browser without a download. The matrix below covers what we have tested for clean login flow, autofill behaviour and 2FA copy-paste reliability.
Browsers
| Browser | Status | Notes |
|---|---|---|
| Chrome 120+ | Excellent | Full autofill, fastest 2FA paste |
| Firefox 121+ | Excellent | Container tabs for isolation |
| Safari 17+ | Excellent | Keychain biometric autofill |
| Edge 120+ | Excellent | Smart Screen blocks phishing |
| Opera GX 105+ | Good | Built-in VPN may trip geofence |
| Brave 1.60+ | Good | Disable shields if scripts fail |
| Internet Explorer | Unsupported | End-of-life; do not use |
Operating systems
| OS | Status | Notes |
|---|---|---|
| Windows 11 | Excellent | Hello biometric supported |
| Windows 10 | Excellent | Patch to latest cumulative |
| macOS Sonoma | Excellent | Touch ID with Safari Keychain |
| iOS 17+ | Excellent | Face ID / Touch ID autofill |
| Android 13+ | Excellent | Biometric prompt via Chrome |
| Ubuntu 22.04+ | Good | Use Firefox or Chromium |
| ChromeOS | Good | Chrome profile sync simplifies sign-in |
Mobile Login Guide
King Hills does not ship a native iOS or Android app. Sign-in happens inside the mobile browser, which is actually a security positive — apps from third-party stores would be a phishing risk in their own right.
Bookmark the URL
Save kinghills.com to your browser bookmarks immediately after registration. Never sign in from a search-engine ad result.
Add to Home Screen
iOS Safari and Android Chrome both let you pin the site as an icon on the home screen — closer to a real app, with the same security model.
Browser autofill
Keychain on iOS, Google Password Manager on Android and Bitwarden everywhere will offer to remember the credentials after first sign-in.
Biometric unlock
Face ID or fingerprint can release the saved password from the device vault — the casino itself never sees your biometric template.
Mobile data over Wi-Fi
Cellular networks isolate you from local attackers. For sensitive operations like cashier withdrawals, switch off Wi-Fi briefly.
Shoulder-surfing
On commutes, tilt the screen away. The peek-eye icon is convenient but reveals the full password to anyone behind you.
Update the OS
Outdated phones miss certificate-store updates and may show false "secure" warnings. Keep iOS or Android on the latest minor release.
Log out before lending
If you hand the phone to a friend even briefly, log out of the casino first. Browser tabs persist for hours after backgrounding.
12-Point Security Checklist
Print this list, tape it to the side of your monitor, and tick everything off before you spin a single reel. The work pays back the first time someone tries to phish you.
Password is unique to King Hills
Generated by a password manager and used nowhere else.
Two-factor authentication is on
Email-delivered codes are enabled in Account > Security.
Email account is hardened
Provider 2FA enabled, recovery options current, login alerts on.
Address bar shows kinghills.com
No homoglyphs (kinghi11s, k1nghills) and a green padlock.
Bookmark used instead of search
Avoids the entire class of malicious paid-search ads.
Operating system is up to date
Critical security patches applied within the last 30 days.
Browser is current
Latest stable channel; risky extensions removed.
No public Wi-Fi for cashier
Use mobile data or a trusted home connection.
Device is yours, not borrowed
Avoid library, hotel-business-centre and friend's PCs entirely.
Phishing reports filed
Forwarded suspicious "King Hills" emails to support before deleting.
Logged out at end of session
Used the menu item, not just the close-tab button.
Session activity reviewed monthly
Account > Activity scanned for unfamiliar IPs or devices.
Phishing Red Flags
Almost every casino account hijack we have seen begins with a phishing message. The signs below appear in 95% of malicious emails and pages — if any one of them shows up, slow down.
Urgent threats
"Your account will be closed in 24 hours unless you confirm." Real operators give days, not hours, and never threaten via cold email.
Wrong sender domain
Hover over the From address and inspect the part after the @. kinghills-support.co or kinghi11s.com is not King Hills.
Unexpected attachments
Casinos do not send PDFs or DOCX files unsolicited. An attachment claiming to be a "bonus invoice" is malware nine times out of ten.
Asks for password
No legitimate agent ever needs your password. Anyone asking is by definition not from King Hills, regardless of the badge they show.
Generic greeting
"Dear customer" is a tell — the operator has your name on file. Personalisation is not proof of authenticity, but its absence is a red flag.
Mismatch between text and link
The visible text says kinghills.com but the underlying href points elsewhere. Hover before clicking; on mobile, long-press to inspect the URL.
"Verify your card now"
Card-detail re-verification by email is not a thing. KYC and AML steps happen inside the logged-in account, never via a one-off email link.
Spelling and grammar
Professional support copy is proofread. Typos, broken capitalisation and clumsy sentence structure are unmistakable phishing tells.
Pressure to act outside the site
"Send your details to this WhatsApp" is never legitimate. Real operators handle conversations on their own platforms.
Session Management
A login is not a moment but a window. Understanding how that window opens, persists and closes is the difference between casual play and being audit-ready.
Idle auto-logout
After about 30 minutes of inactivity the session is closed automatically. The next click forces a fresh login, which limits exposure on shared devices.
"Remember me" trade-off
Ticking the box extends the session lifetime to 14-30 days. Convenient on a personal laptop, dangerous on anything you share.
Multi-device sessions
You can be signed in on a phone and a laptop at once. The Activity panel lists every active token; revoke any you do not recognise.
Manual logout
Use the menu's Log out item rather than just closing the tab. The latter leaves the session token alive in cookies for an attacker with physical access.
Re-auth before cashier
High-risk actions like withdrawing or changing payment methods can prompt for the password again, even within an active session.
Session pinning
The cookie is bound to your IP and user-agent. Switching networks during a session — for example phone hotspot to home Wi-Fi — may force a re-login.
Geo-Restrictions and VPN Policy
King Hills lists several restricted territories in its terms. Attempting to bypass the geofilter through a VPN is itself a terms violation and can result in voided winnings.
| Territory | Status | Notes |
|---|---|---|
| United Kingdom | Restricted | Use a UKGC-licensed brand instead |
| United States | Restricted | All states blocked |
| Spain | Restricted | DGOJ jurisdiction only |
| France | Restricted | ANJ jurisdiction only |
| Netherlands | Restricted | KSA jurisdiction only |
| Israel | Restricted | National blanket prohibition |
| Curacao | Restricted | Operator's home jurisdiction excluded |
| Germany | Limited | GGL-licensed slots only elsewhere |
| Canada | Allowed | Excluding Ontario (AGCO licensure required) |
| Norway | Allowed | Player-funded compliance burden |
| Finland | Allowed | Pre-2026 monopoly transition |
| New Zealand | Allowed | Offshore play tolerated |
VPN warning. Logging in through a VPN while physically in a restricted territory is a breach of the King Hills terms and conditions. The operator runs device-fingerprint and payment-instrument geolocation alongside IP checks, so a VPN is not a reliable workaround. If a discrepancy is detected during KYC the account can be closed and any winnings forfeited.
Travellers temporarily abroad with a legitimately registered account from a permitted country should sign in over their normal residential IP wherever possible. If the geofence trips because of a hotel network, the cleanest fix is to switch to mobile data rather than reach for a VPN.
Why Accounts Get Suspended
Suspension is rarely random. Below are the genuine triggers, in rough order of frequency, that we have seen on King Hills and broadly comparable Curacao-licensed operators.
Duplicate accounts
Two accounts at the same household or same payment method violate the one-account rule. Both are usually frozen pending review.
Geofence breach
VPN traffic detected, or the registered country and the active IP no longer match the documents on file.
KYC overdue
Identity documents requested at the cashier and not provided within 14 days will trigger a hold until verification is completed.
Bonus abuse
Patterns that look like opening multiple accounts to harvest welcome offers will fail the AML review and lead to closure.
Payment chargeback
A successful card chargeback freezes the account immediately while the operator reconciles the disputed funds.
Self-exclusion
Active SE periods bar login. The block is enforced even if the player changes their mind, which is the entire point.
Suspicious login
Many failed attempts, an unusual device fingerprint or a foreign IP can put the account into a holding pattern until you confirm by email.
AML threshold crossed
Cumulative deposits over the EUR 2,000 threshold trigger enhanced due diligence. Until that is satisfied, withdrawals pause.
Third-party funds
A deposit method that does not belong to the registered player is rejected and may freeze both the source and destination account.
KYC Triggers After Login
Curacao-licensed brands run KYC at risk-based moments rather than upfront. Logging in successfully does not mean you are fully verified — these are the events that prompt the operator to ask for documents.
| Trigger | Documents requested | Typical turnaround |
|---|---|---|
| First withdrawal | Passport / ID, proof of address | 24-48 hours |
| Cumulative deposits over EUR 2,000 | Source-of-funds declaration | 2-5 business days |
| Address change | Recent utility bill, bank statement | 24-72 hours |
| Payment method swap | Card photo (front, masked) and selfie | 12-48 hours |
| Big single win | Full KYC + screen-recorded proof of game | 3-7 business days |
| Inconsistent device geolocation | Selfie holding ID at registered address | 24-72 hours |
| Random AML sample | Bank statements covering the last 90 days | 3-5 business days |
Login Activity and Audit Log
Inside Account > Activity, King Hills exposes a chronological log of every sign-in. It is one of the most powerful and most under-used security tools the platform offers.
Timestamp accuracy
Each entry shows the exact UTC datetime of the session start. Cross-reference against your own memory or calendar to spot foreign sign-ins.
IP and country
An unfamiliar country or ASN is the clearest indicator of compromise. Even a single suspicious row warrants an immediate password rotation.
Device fingerprint
Browser, platform and screen-size hash form a stable fingerprint. A fresh fingerprint paired with a successful login means a new device authenticated.
Result column
Successful, failed and "blocked by 2FA" outcomes are colour-coded. Repeated failures from one IP usually indicate a credential-stuffing attempt.
Session revocation
Active sessions can be killed individually or all-at-once. After revocation the affected device must re-authenticate from scratch.
Export for records
Where the platform offers CSV export, save a copy each month. The audit log becomes invaluable evidence in any future dispute with support.
Mirror Sites and Domain Verification
"Mirror" sites pretend to be the genuine operator and harvest credentials. Below is how to confirm you are on the real King Hills domain — and what to do if you are not.
Confirm the apex domain
The genuine site lives at kinghills.com. Anything with extra words (kinghills-online, mykinghills, kinghills247) should be considered a clone.
Inspect the certificate
Click the padlock and confirm the issued-to value matches kinghills.com. Self-signed or wildcard *.tk certificates are immediate red flags.
Watch for homoglyphs
Latinised lookalikes (kinghi11s with two ones, kingnills with an n) are a favourite phishing trick. Render the domain in a monospace font when in doubt.
Use a bookmark
Once you have visited the real site, save the bookmark and open it from there forever. Search engines occasionally surface clones in paid-ad slots.
Never trust unsolicited links
Affiliate emails, social-media DMs and Telegram groups are common phishing vectors. Type the domain yourself or use your bookmark.
Report clones
Forward suspicious "King Hills" pages to the operator's support and to phishtank.org. Reporting helps the broader take-down ecosystem.
Independent Site Disclosure
To make the boundary unmistakable: this site is an independent UK review and guide. We are not King Hills Casino, not Pointissimo B.V., not licensed by Curacao or the UKGC, and not authorised to act on behalf of any operator. We do not store, transmit, broker or otherwise process player credentials. There is no login form on this domain, no script that captures keystrokes, and no third-party widget that submits values to a remote server.
Every "Sign in" or "Login" button on this guide is a plain outbound link that opens the operator's own kinghills.com domain in a new tab via the standard openAffiliate handler. After the redirect, all interaction takes place on the operator's TLS-encrypted infrastructure under their own privacy policy and terms of service. We have no visibility into your account, balance, deposits, withdrawals or messages with support.
The reason we publish a "Login" guide at all is the same reason consumer reviews of any service are valuable: a clear, neutral walk-through reduces the chance of mistakes, makes the platform less intimidating for newcomers, and points readers at the responsible-gambling tools that the operator itself buries inside the account dashboard.
This Independent Guide vs the Operator Portal
Two pages can carry the King Hills name — this one, and the operator's. Here is what each is for and where the responsibilities sit.
This independent guide
- Editorial reviews, walkthroughs, FAQs.
- No login form, no credential intake.
- No deposit, withdrawal or balance access.
- No ability to unlock or close your account.
- Affiliate-funded outbound links to the real operator.
- UK-focused responsible gambling messaging.
- Not regulated by the UKGC.
Operator portal (kinghills.com)
- Real login, registration and KYC.
- Cashier, payment methods, withdrawals.
- Game lobby, live casino, jackpots.
- Account suspension and self-exclusion controls.
- Customer support via live chat and email.
- Operated by Pointissimo B.V., licensed in Curacao.
- Subject to operator terms and conditions.
Support Channels if Locked Out
If you cannot get past the login screen, the operator's support team is the only authority that can intervene. Channels and rough hours are below.
| Channel | Hours | Best for | Typical wait |
|---|---|---|---|
| Live chat | 24/7 | Urgent unlocks, password resets | Under 5 minutes |
| Email support | 24/7 inbox | Document submission, complaints | 12-24 hours |
| Help centre articles | Always | Common questions before opening a ticket | Instant |
| Curacao eGaming complaints | Mon-Fri office hours | Unresolved disputes after 30 days | Several weeks |
| GamCare helpline | 24/7 | Gambling-harm support, not account lockouts | Under 2 minutes |
When you open a ticket, give the agent everything they need on the first message: the registered email, approximate registration year, last successful login date, and a one-line description of the problem. Round-trips burn time. If the issue is a hard lockout you cannot prove ownership for from outside, expect to be asked for ID and a hand-held selfie before any account action is taken.
Politeness costs nothing and helps. Frontline agents triage hundreds of conversations a day; a clear, courteous ticket gets routed to the right team faster than an angry one. If you genuinely feel mistreated, escalate through the help centre's complaints process rather than going scorched-earth in chat.
Responsible Gambling Tools at Login
The most important reason to sign in is sometimes not to play but to set the limits that govern future play. The operator places these tools inside the account dashboard, one click from any landing page after login.
Deposit limits
Daily, weekly or monthly caps on the cashier. Lowering a cap is instant; raising one is gated by a 24-hour cooling-off period.
Loss limits
Caps how much net loss the account is allowed to take in a window. Once the limit is hit, the cashier is locked.
Session timer
A periodic on-screen reminder of how long you have been signed in. Pairs well with a deposit limit to avoid time-blindness.
Reality check
Pop-ups every 30, 60 or 90 minutes summarising stake, wins and losses for the current session. Excellent counter to autoplay drift.
Time-out
A short cooling-off, usually 24 hours to 6 weeks, that blocks login without closing the account. Reversal happens automatically when the period ends.
Self-exclusion
A long cooling-off, three months to five years, enforced internally and not reversible casually. Combine with Gamban for device-level blocking.
Account closure
Routine closure for non-gambling reasons. Funds are paid out, KYC is finalised, and the account is deactivated. Re-opening is by request.
External help
GamCare 0808 8020 133 and BeGambleAware 0808 8020 133 offer free, confidential support — outside the operator's own logged-in tools.
Gamban / Gamstop
Device-level (Gamban) or UK-network-level (Gamstop, for UKGC sites) blocks complement operator-side limits. Use both together.
Login Myths Debunked
Casino forums collect a lot of folklore around sign-in. Here are the half-truths we see most often, with the actual mechanics next to each.
Myth: "Clearing cookies fixes a lockout"
Reality: lockouts are server-side. Clearing cookies merely re-shows the login form; the underlying account state is untouched.
Myth: "Incognito hides my IP"
Reality: private browsing only stops local cookie storage. The casino still sees your IP, ISP, geolocation and device fingerprint.
Myth: "Two-factor codes can be reused"
Reality: each code is single-use and time-limited. Re-typing a previous code always fails; click Resend if needed.
Myth: "VPN bypasses the geofence cleanly"
Reality: device fingerprint, billing address and KYC documents make geofencing multi-layered. A VPN alone is not enough and is itself a terms breach.
Myth: "Resetting the password unlocks AML holds"
Reality: AML and KYC holds are independent of password state. A reset only fixes credential problems, not document review.
Myth: "Closing the tab logs me out"
Reality: the session token can persist for hours. Use the explicit Log out menu item to invalidate it server-side.
Login Terminology Glossary
A short reference for the jargon thrown around in support tickets and forum posts.
| Term | Plain-English meaning |
|---|---|
| 2FA / MFA | A second proof of identity beyond the password — typically a code emailed or generated by an app. |
| TOTP | Time-based One-Time Password, the rolling six-digit code generated by Authy or Google Authenticator. |
| Session token | A cookie set after sign-in that proves to the server you are still logged in. |
| Device fingerprint | A hash of browser, OS and screen settings used to recognise the same device across sessions. |
| Credential stuffing | Attacks that try email/password combos leaked from other sites against your casino login. |
| Phishing | Tricking you into typing your password on a fake page that looks like the real one. |
| KYC | Know Your Customer — the identity-verification step required by regulators. |
| AML | Anti-Money Laundering — the source-of-funds checks tied to large or unusual deposits. |
| Self-exclusion (SE) | A formal block of three months to five years that prevents login while active. |
| Cooling-off | A short, automatically reversible block, usually 24 hours to 6 weeks. |
| Mirror site | A clone domain pretending to be the real operator. Always a phishing risk. |
| Geofence | The IP-based filter that blocks logins from restricted territories. |
Anatomy of a Login Attempt
From the click on Login to the loaded dashboard, here is what happens behind the scenes — useful when something goes wrong and you need to describe the failure to support.
Click registers
The browser submits a form POST to the auth endpoint over HTTPS. No values are stored client-side.
Rate-limit check
The server checks how many login attempts your IP has made in the last hour and either lets the request continue or returns a soft block.
Password hash compared
Your typed password is hashed and compared against the stored hash. The original is never stored or compared in plain text.
2FA gate
If 2FA is on, the auth process pauses and an email is dispatched. The session token is not yet issued.
Code submitted
You enter the six-digit code; the server validates it within a 10-minute expiry window and a single-use guarantee.
Session issued
A signed session cookie is set, scoped to kinghills.com, marked HttpOnly and Secure. The dashboard finally loads.
Audit log written
The successful login is appended to your Account > Activity log with timestamp, IP, country and device fingerprint.
Ready to sign in?
Use the button below to open the operator's own login screen at kinghills.com. We never collect credentials. 18+ only. Curacao licence 8048/JAZ-2019-049. BeGambleAware.org.
Frequently Asked Questions
I have forgotten my password — how do I reset it? ▾
Go to the official login screen on kinghills.com and click the "Forgot password?" link below the form. Enter the email address you registered with and the operator dispatches a secure reset link, typically within 60 seconds. The link is single-use and time-limited, so open it on the same device where you intend to sign in. New passwords must mix upper and lower case letters with at least one number, with a minimum length the form will enforce. We recommend a password manager rather than reusing a credential from another site.
My account has been locked — what should I do? ▾
Repeated failed login attempts, sign-ins from unusual locations, or pending KYC documents can trigger a temporary block. Reach out to King Hills support through their on-site live chat or email, quote the email address on the account, and have ID ready in case the agent runs a verification step. We are an independent guide and cannot unlock accounts, modify balances or override self-exclusion on your behalf, no matter who asks. If you suspect an unauthorised attempt, request an account freeze and review session history once you regain access.
Does King Hills support two-factor authentication? ▾
Two-factor authentication via email is available at sign-in, prompting you to confirm a verification code sent to the registered inbox. Authenticator-app or SMS-based 2FA is not currently advertised as a standard option on King Hills, which is one of the gaps versus a UKGC-licensed brand. That makes a strong, unique password and a well-secured email account doubly important. Apply 2FA to your email provider first, since whoever controls that inbox can intercept any password-reset link issued by the operator regardless of how strong the casino password is.
Can I change the email address registered to my account? ▾
Yes, but the change is gated by identity verification rather than self-service. Contact King Hills support through live chat or email, request an email-change ticket, and the agent will run a KYC step before updating the address on file. This is deliberate: an unrestricted email change would let an account hijacker redirect the password-reset path. The process typically completes inside 24-72 hours once the verification documents are accepted. Plan ahead if you are about to lose access to the registered inbox; doing it in advance is far easier than recovering after the fact.
Can I sign in from the United Kingdom? ▾
King Hills' own terms list the United Kingdom as a restricted territory, alongside the United States, Spain, France, the Netherlands, Israel and several others, which means the operator does not formally accept UK-resident registrations. Existing accounts opened in breach of those terms may be voided. This independent guide documents the login flow for informational purposes and for travellers or expats who legitimately hold an account elsewhere; it is not a workaround. If you are tax-resident in the UK, a UKGC-licensed casino is the appropriate choice for ongoing real-money play.
How do I close my King Hills Casino account? ▾
Account closure is a routine support request rather than a self-service toggle. Sign in, open live chat or email, and ask for the account to be closed. The agent will withdraw any remaining balance to your verified payment method (after KYC) and then deactivate the account. If your reason for closing is gambling-related, ask explicitly for self-exclusion rather than simple closure: self-exclusion of three months to five years is enforced internally and cannot be reversed casually. Use Gamban for device-level blocking across all gambling sites alongside operator-level closure for a stronger barrier.
Why isn't this page a real login portal? ▾
This domain is an independent UK review and guide site, not the operator. We do not host any login form, do not collect or transmit credentials, and do not run scripts that could capture an email or password. All login activity, account changes, deposits and withdrawals take place on Pointissimo B.V.'s own kinghills.com domain, secured with TLS. Anyone landing on a "King Hills login" form on a third-party domain should close the tab immediately. The "Open Official Login" button on this page is a plain outbound link to the genuine sign-in screen.