Privacy & Security

Encryption

All communication to our servers including our real-time updates are done over secure TLS 1.2 encrypted tunnels using Elliptic Curve Diffie Hellman encryption. Any connections made to our servers over unencrypted tunnels will be re-routed to a secure tunnel.

Passwords

We take the security of your passwords seriously. Your password is hashed over 2,000 times with a 16 character salt and stored in an firewalled database that only the login page has access to.

Recovery Email

Your recovery email address is never stored unencrypted in our database. We hash your email address with a 64 character secret using a sha256 hash message authentication code. This hash can not be reversed from the hash. When you enter your e-mail address in the recovery field the entered email is hashed and compared against the database. If a match is found, the matched account is reset.

Secret Storage

We do not store secrets like passwords, encryption keys, etc on our servers. All secret storage is entered by hand when a server is brought online and stored only in memory. If a server is restarted those keys must be re-entered before being brought online.