Data Security

We take the responsibility of securing passwords very seriously. We follow industry-standard security recommendations like the following:

• Passwords are encrypted with AES 256-bit encryption and a unique key is generated for each password.
• Passwords are stored isolated from the token key that is used for decryption.
• For hosted Magic Cloud partners, passwords and all documentation data are stored in isolated containers.
• For hosted Magic Cloud partners, servers are protected with firewalls and advanced security measures to protect each application.
• In the case of self-hosted Hudu instances, your keys are never accessible to Hudu and remain under your control. Your passwords (encrypted or decrypted) are never sent to our servers.
• Decrypted password data is never saved to disk.
• In order to decrypt the data, attackers would have to go through a lengthy decryption process and have access to multiple parts of your application, making it extremely difficult to access confidential data.
• The entire application is only accessed over strong SSL encryption. We refuse connections that do not use encryption.
• You can control access to passwords via security groups.
• You can rollback and have access to passwords that have been changed.
• Password views are audited and added to a global activity trail, along with user information, IP address, date, time, and other information.