FeedFlux implements multiple layers of security to keep your data safe.
| Protection | Description |
|---|
| Password Hashing | Passwords are hashed using industry-standard algorithms (bcrypt). We never store plain-text passwords. |
| Two-Factor Authentication | Optional 2FA adds a second layer of protection using TOTP (Time-based One-Time Passwords). |
| Session Management | Secure JWT tokens with expiration. Sessions can be remotely terminated. |
| Rate Limiting | Protection against brute-force attacks on login and API endpoints. |
| Protection | Description |
|---|
| HTTPS/TLS | All data transmitted between your browser/app and our servers is encrypted using TLS 1.2+. |
| API Security | All API requests require authentication tokens. |
| Secure Headers | HTTP security headers prevent common web vulnerabilities. |
| Protection | Description |
|---|
| Cloud Hosting | Hosted on enterprise-grade cloud infrastructure with security certifications. |
| Database Encryption | Database connections are encrypted. Sensitive data encrypted at rest. |
| Regular Backups | Automated backups ensure data recovery in case of incidents. |
| Access Controls | Strict internal access controls. Only authorized personnel can access systems. |
| Protection | Description |
|---|
| PCI Compliance | Payments processed by LemonSqueezy, a PCI-DSS compliant payment provider. |
| No Card Storage | FeedFlux never sees or stores your full credit card number. |
| Secure Checkout | Payment pages are hosted by LemonSqueezy with bank-level security. |
| Protection | Description |
|---|
| License Binding | Licenses bound to hardware ID prevent unauthorized sharing. |
| Code Signing | Desktop application is signed to verify authenticity. |
| Automatic Updates | Security patches delivered through update system. |
You can help keep your account secure:
| Best Practice | Why It Matters |
|---|
| Use a strong, unique password | Prevents credential stuffing attacks |
| Enable Two-Factor Authentication | Blocks unauthorized access even if password is compromised |
| Don’t share your license key | License is bound to one device for a reason |
| Keep software updated | Updates include security fixes |
| Log out on shared computers | Prevents session hijacking |