Is my password secure in your database?

We do not actually store your password. This assures that even if our servers and database gets compromised, personally identifiable information such as your password is never revealed. This also means that you can trust that internally, a Coinfloor agent or database administrator does not have access to your plain text passwords.

How does this work though?

Your passwords are hashed using bcrypt with 10 cost factors. Bcrypt is an adaptive cryptographic hash function for passwords. It incorporates a salt to protect against rainbow table attacks and is also an adaptive hash - over time it can be made slower and slower so it remains resistant to specific brute-force search attacks against the hash and the salt.

Have more questions? Submit a request