AES-256 Encryption

Each user account within BeanLogin is associated with a unique account key that is used to encrypt the data.

Customer Master Key

Each user’s account key is encrypted using a customer-specific master key, which is stored separately from the database.

Key Rotation

Customer-specific master keys are rotated once every 3 months and the old keys are archived for a period of 6 months.

User Data Transport

Encrypted user data will be synced across the user’s trusted devices through a secure channel (TLS).

Public Key Cryptography

On trusted devices, data encryption/decryption will happen locally using the user’s private key, which is never known to BeanLogin.

Shared Keys

Each shared item is encrypted using a unique Shared Key, which is encrypted using the respective shared user’s public key. The shared key can be decrypted on the device locally using the user’s own private key.

Multi-Factor Authentication

Offers a variety of 2-factor options to protect your portal as well as web apps within your organization


Supports TouchID authentication and pattern recognition (Android devices)

Device Registration

New devices go through a risk assessment before getting registered

Secure Sharing

Sharing data with people you know using public key cryptography

Kill Switch

Wipe out all of your passwords and notes from BeanLogin using our Kill Switch

Advanced Encryption

Advanced encryption that encrypts data using keys derived from user’s password

Ready To Get Started?