Security At FlowyForm

Security At FlowyForm

At FlowyForm, security and user privacy is our top priority. That's why we use encryption both in transit (TLS 1.2) and at rest.

What's encryption?

Encryption is how information is encoded so that it can only be decoded (or interpreted) by authorized parties.

Without it, your online activity is at risk of being exposed to unauthorized parties (such as your password or credit card details). With encryption, your activity can only be interpreted by a party who can decode it (for example, using a private key).

Why is this relevant?

With FlowyForm, your data is secure because it is encrypted when you submit the form (in transit) and on the disk (at rest).

Another example of security that we take seriously is user authentication. With FlowyForm, you can signup and login with Google, which is super secure because we get no information from Google without you granting that permission first (such as your full name and email address). Everything else, Google takes care of.

If you choose not to use one of our OAuth options, we have email and password authentication. We require passwords to be at least 8 characters long with a number and a special character to enforce more security. We also recommend to check if your password has ever been in a data breach.

Although passwords are encrypted, short passwords as subject to brute-force attacks. A password with 6 characters (matching a-Z0-9) has a total of 36 ^ 6 combinations, which can be "guessed" by computers in just a couple of hours. However, with more requirements, passwords can reach a point of complexity that even the best of computing would take years to guess it.

Conclusion

The safety of your data is important to us at FlowyForm. That's why we maintain the best practices and protocols to keep data visible to who it's meant for, and no one else. We also recommend the best practices to keeping important information like passwords safe, such as using a password manager.