Security matters a lot on the Web, for us it is one of the first pillars of being trust.
Here are the steps we took to ensure the continuity of our service and safety of your datas.
All communication are encrypted throught TLS, heir of SSL, to provide you HTTPS canal.
Options like HSTS and OCSP are activated to enforce event more your protection.
Some specific configuration helps prevent other sites to encapsulates our website without our consent, preventing fraud and deception.
Some configuration helps preventing code injection and sniffing around too much.
Your passwords are encrypted too, using Bcrypt.
Therefore it is immune to potential rainbow tables and brute force.
Filtering out sensitive entries
Password and other sensitive datas are filtered out form our logs, so they never appear anywhere.
Test are a necessity to ensure stability through non-regression of features.
It means a new feature can't break an existing one.
It also means faster debugging and resolution of any problem.
Syntax analysis and linters helps us have an homogenus code, helping us having easier and thus better maintenance.
YES, we believe opensource helps acheiving better security.
Open-source technologies are way more scrutenized and verified by multiple and very different developpers.
Therefore zero-days are fixed faster, bugs are less-prone, and the overall products are more robusts and stable between major versions.