Security Overview

Latwy stores personal financial information, so data security is of the utmost importance. Here's how we keep your data safe.

Database

We use a managed database service from Crunchy Bridge to store all user data. Data is encrypted with AES-256 encryption at rest and in and transit. Connections to the database require TLS 1.2 or higher.

The database is not exposed to the public internet. All connections to the database are done through a secure Tailscale network.

Backups

The database is backed up daily in two places:

1. Crunchy Bridge's backup service, which takes a daily backup and then keeps that backup current by streaming updated data every minute. These backups are encrypted at rest using AES-256 encryption.
2. A separate daily backup processed on Fly and stored on Cloudflare . These backups are encrypted at rest using AES-256 encryption.

In the event of an outage, there should be minimal data loss.

Encryption

In addition to all database connections being secured through encrypted connections, all network traffic from the public internet to Latwy's web sites and applications are secured using HTTPS.

Authentication

If you sign up for Latwy using an email and password, your password is one-way salted and hashed using a high number of iterations of a password-based key derivation function. This hashed password is stored in the same managed database as other user data, cut off from the public internet and only accessible through a secure private network.

If you choose to sign up using a supported third-party identity provider, you may be able to enable two-factor authentication for added security. Latwy does not support two-factor authentication for password-based logins at this time.