Security

We take security very seriously

Marc Roberts avatar
Written by Marc Roberts
Updated over a week ago

Keeping customer data safe and secure is a huge responsibility and a top priority. We work hard to protect our members from the latest threats.

Your data is sent using HTTPS.

Whenever your data is in transit between you and us, everything is encrypted, and sent using HTTPS using the latest secure TLS encryption.

We protect your data.

All data is written to multiple disks instantly, backed up daily, and stored in multiple locations. Files that our members upload are stored on servers that use modern techniques to remove bottlenecks and points of failure.

Regularly-updated infrastructure.

Our software infrastructure is updated regularly with the latest security patches. While perfect security is a moving target, we work hard to keep up with the state-of-the-art in web security.

We protect your billing information.

All credit card transactions are processed using secure encryption—the same level of encryption used by leading banks. Card information is transmitted directly to, stored, and processed securely on a PCI-Compliant network.

Vulnerable passwords

We use a third party service to ensure that any passwords stolen or leaked from other services are not usable on our systems. Your password is never shared with these services, only a small part of a fingerprint of the password is used to search. Find out more from security researcher Troy Hunt.

You cannot set your password to any of these known passwords. If you login to an account that is using one of these, your account will be reset requiring you to create a new password.

We suggest that you do not re-use the same password on multiple services. A password manager (we recommend 1Password) can help you create strong unique passwords for each site you use.

Have a concern? Need to report an incident?

Have you noticed abuse, misuse, an exploit, or experienced an incident with your account? Please visit our contact page. GPG keys can be provided on request if you need to transfer sensitive information securely. We aim to respond to all serious incidents within 24 hours.

Did this answer your question?