These are common actions that could put you at risk of having your password stolen:
- Using the same password on more than one site
- Downloading software from the Internet
- Clicking on links in email messages
2-Factor Authentication (2FA) can keep bad guys out, even if they have your password. With 2FA we add and extra level of protection. Each time you login with your id and password we will generate a unique (one-time) verification code that you will receive in your email inbox. You may disable this feature from your account settings (not recommended). 2FA does not work with Google login.
Also, we keep you safe with other important measures.
Account lockdown – To protect your account from people trying to log in, users that enter a wrong password too many times will be locked. This is something we manage on our systems and there is nothing you have to do.
Password encryption – The passwords that you store into our database are encrypted. This applies to any password like your login password, your email password, etc. Nobody, including our employees, can read your passwords. When the password need to be used the server uses a decryption key that is changed on a regular basis.
SSL connections – HTTPS (Hypertext Transfer Protocol Secure) is what we force you to use when you access our services. Basically, HTTPS can create a secure SSL connection through an insecure network (Internet). SSL (Secure Sockets Layer) is a protocol that provides secure communications on the Internet. In this context TLS is the new industry standard based on Secure Sockets Layer (SSL) and we use TLS 1.2.