We're not a bank. We're not a password manager. But we do hold your clipboard data, and that matters. Here's the honest run-down of what's protected and how.
Your account password is hashed with bcrypt and PHP's default cost. We never store or log your plaintext password. Not even briefly.
Passphrases you set on share links are hashed the same way. Server never sees them in plaintext after the initial submit.
Every sign-in from a new browser requires a six-digit code delivered to your email. Codes expire in 10 minutes, are single-use, and lock after 5 wrong attempts.
5 wrong password attempts per email address in 15 minutes triggers a lockout. Share-link passphrases get the same treatment per-link.
All traffic to and from the app uses TLS. Session cookies are marked HttpOnly, Secure, SameSite=Lax. No sensitive data ever travels in plaintext.
Remember-me cookies are HMAC-signed with the server's secret, scoped to a single user, and revocable from any other trusted device.
Share URLs carry 128 bits of randomness (32 hex chars). Not
enumerable by brute force. Share pages are served with
X-Robots-Tag: noindex, nofollow so
they don't appear in search engines.
Uploaded files live outside the web root. They're only served through an authenticated PHP endpoint that checks ownership (or a valid share token) before streaming a byte.
Deleting your account removes every trace — clips, files, shares, login history, email log. FK cascades handle the rows; file storage is unlinked on disk. Nothing is retained.
Security feedback, audit requests, or general curiosity — get in touch. We'd rather you asked.
security@movemywork.com →