• Passwords are one way encrypted meaning it cannot be reversed engineered to get the plain text password. E.g. PlainPass is stored as A*HHJ*6d*75*gb in the database.
• All data is cleaned and escaped to prevent SQL Injections.
• We use prepared statements for database queries to prevent SQL Injections.
• Session cookies are used to track user activity. These cookies are created with the secure and httponly flags.
• We use sessions to track active users and only show their relevant data.
• The site has a secure certificate meaning all data sent from the server to the browser and vice versa is encrypted.
• The server has an active hardware firewall which prevents unauthorised access to the server and database.