About security
fintact puts the highest priority on our customers privacy and security.
Here are how that policy is implemented.
Password generation rules
A password should be at least 12 characters.
Also we strongly recommend the followings when creating passowords:
・It should contain the mix of lower case letter, upper case letter, numeric letter, and symbols.
・Please avoid using birth dates or any words that could be easily predicted.
・Please avoid using the same password for all important online services.
Account lock
Your account is locked if login attempts failed more than 5 times with incorrect passwords.
Please reset your password from here.
How we store your password
Your password is stored after being salted with sufficient rounds and hashed, so that even fintact doesn't know your password.
At the same time, please consider using an email address which you don't use any other place, and please don't reuse your password with the other places.
2FA
2FA can be enabled via settings. We support usual SHA1 as well as SHA256/512 for more robustness. Please be noted that we might only enable the upcoming new features for those who enabled 2FA.