Your data security and privacy is our top priority. Here are some things we do to ensure your account safety:
- We require HTTPS on all pages, and use HSTS to ensure browsers only ever connect to us over a secure connection.
- We employ a top-notch third party to perform penetration testing every year to check for vulnerabilities.
- We store passwords hashed with the bcrypt algorithm.
- We never store or log your plaintext password.
- We use time-based One Time Passwords (OTP) for two-factor authentication.
- We encrypt our database, including passwords and all uploaded images.
- We employ additional encryption for sensitive data, like social security numbers.
- We never store your debit card number.