We use the OAuth 2.0 security protocol. Every time a user logs in, Okta Auth0 validates their credentials and generates an authentication token. This token will be used in all subsequent requests made by the user. Additionally, OAuth stores user passwords and provides security alerts in case of multiple failed attempts.

We use JSON Web Token (JWT). Each request includes an encrypted token to ensure that the information corresponds to the authorized user making the request. Our servers validate both tokens; If any of them are not correct, access to the information is denied.

Our servers are hosted on Heroku, meeting the highest security standards.

The databases are hosted on AWS servers. We perform monthly password rotations to ensure information security.