SECURITY
Data security is our priority. We have implemented a number of security measures to keep your family's data safe.
Advanced, multi-layered encryption
Your data is encrypted at rest and in transit on Stronghold. That means that your data is protected while it is stored in Stronghold and when it is being uploaded or downloaded to and from Stronghold.
To keep your data safe, we use advanced encryption, known as 256-bit AES, while your data is at rest on our system. This standard is highly resistant to brute-force attacks. We also use Transport Layer Security to encrypt your data in transit.
Two-step verification
Two-step verification, also known as two-factor authentication (2FA), adds an extra layer of security to your account by requiring two forms of verification before granting access. After entering your password, you will be prompted to provide a second factor, a code generated by an authentication app (for example, Google Authenticator or Microsoft Authenticator).
This additional step ensures that even if your password is compromised, unauthorised access is prevented. Implementing 2FA enhances security, safeguarding your family's essential information against potential threats.
Setting up 2FA is simple and significantly reduces your risk of unauthorised account access:
Ensure that you have an authenticator app on your phone (such as Google Authenticator, Authy or Microsoft Authenticator).
Go to the Settings menu and select the button next to "Two-step verification".
Enter your password when prompted.
Follow the instructions on the screen to set up your authenticator app using the QR code or by copying the code into the app.
Strong passwords
We require strong passwords containing no less than 12 characters. It important that you don't use a password that you use for other services or websites. We suggest using a password manager to create strong passwords and to change your password from time to time.
Leaked Password Protection
We take password security seriously. To ensure the highest level of protection for your account, we integrate with the open-source HaveIBeenPwned.org Pwned Passwords API. This proactive measure allows us to automatically reject passwords that have been leaked and are known to be used by malicious actors.
By leveraging this powerful tool, we help you choose strong and secure passwords, significantly reducing the risk of unauthorised access to your account. Rest assured, your security is our priority.
Secure File sharing
It is easy to share and collaborate in Stronghold, but not too easy. We provide a sensible balance between security and convenience when in comes to sharing the files, photos and documents that you upload to your Stronghold. Links to view and download shared documents don't require the recipient to log in to Stronghold, but they expire after 24 hours. This allows you to share documents securely with anyone, but you won't run the risk of sharing permanent links that allow access to your documents forever.
Secure payment processing
We process all customer payments for Stronghold Premium through Stripe, a secure payment platform. When you sign up for Stronghold Premium, your personal credit card details are transmitted directly to Stripe, and we do not store them.
Stripe maintains the highest level of certification in the payments industry as a PCI Service Provider Level 1.
Continuous evaluation and improvement
We are continuously evaluating and upgrading the security of our system to keep your data safe. If you have any questions about our security, please contact us.