Security
AES-256 Encryption
Each user account within BeanLogin is associated with a unique account key that is used to encrypt the data.
Customer Master Key
Each user’s account key is encrypted using a customer-specific master key, which is stored separately from the database.
Key Rotation
Customer-specific master keys are rotated once every 3 months and the old keys are archived for a period of 6 months.
User Data Transport
Encrypted user data will be synced across the user’s trusted devices through a secure channel (TLS).
Public Key Cryptography
On trusted devices, data encryption/decryption will happen locally using the user’s private key, which is never known to BeanLogin.
Shared Keys
Each shared item is encrypted using a unique Shared Key, which is encrypted using the respective shared user’s public key. The shared key can be decrypted on the device locally using the user’s own private key.
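The shared-key scheme described under Shared Keys, as an added example that is not BeanLogin's own code: each item gets a fresh 256-bit key, and that key is wrapped separately for every recipient. RSA-OAEP, AES-GCM and all function names here are assumptions; the page states only AES-256 and public key cryptography.

```javascript
// Added example (Node.js built-in crypto). Algorithm choices are assumptions.
const nodeCrypto = require("crypto");

// Constructed key pair for one user; the private key stays on the user's device.
function newUserKeyPair() {
  return nodeCrypto.generateKeyPairSync("rsa", { modulusLength: 2048 });
}

const OAEP = { padding: nodeCrypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: "sha256" };

// Encrypt one item under a fresh shared key, then wrap that key once per
// recipient with the recipient's public key.
function shareItem(plaintext, recipients) {
  const sharedKey = nodeCrypto.randomBytes(32); // unique per shared item
  const iv = nodeCrypto.randomBytes(12);
  const cipher = nodeCrypto.createCipheriv("aes-256-gcm", sharedKey, iv);
  const ciphertext = Buffer.concat([cipher.update(plaintext, "utf8"), cipher.final()]);
  const wrappedKeys = {};
  for (const [name, publicKey] of Object.entries(recipients)) {
    wrappedKeys[name] = nodeCrypto.publicEncrypt({ key: publicKey, ...OAEP }, sharedKey);
  }
  // Only ciphertext and wrapped keys are stored or synced; the raw shared key is not.
  return { iv, ciphertext, tag: cipher.getAuthTag(), wrappedKeys };
}

// Runs locally on the recipient's device: unwrap the shared key with the
// private key, then decrypt and authenticate the item.
function openItem(envelope, name, privateKey) {
  const wrapped = envelope.wrappedKeys[name];
  if (!wrapped) throw new Error(`item is not shared with ${name}`);
  const sharedKey = nodeCrypto.privateDecrypt({ key: privateKey, ...OAEP }, wrapped);
  const decipher = nodeCrypto.createDecipheriv("aes-256-gcm", sharedKey, envelope.iv);
  decipher.setAuthTag(envelope.tag);
  // final() throws if the ciphertext or tag was modified in storage or transit.
  return Buffer.concat([decipher.update(envelope.ciphertext), decipher.final()]).toString("utf8");
}
```

Revoking a recipient in this model means deleting that recipient's wrapped key and re-encrypting the item under a new shared key, since a recipient who already unwrapped the old key could have kept it.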
Multi-Factor Authentication
Offers a variety of 2-factor options to protect your portal as well as web apps within your organization
Fingerprint
Supports TouchID authentication and pattern recognition (Android devices)
Device Registration
New devices go through a risk assessment before getting registered
Secure Sharing
Share data with people you know using public key cryptography
Kill Switch
Wipe out all of your passwords and notes from BeanLogin using our Kill Switch
Advanced Encryption
Advanced encryption that encrypts data using keys derived from the user’s password