How do you secure authors' login credentials?

BookTrakr is designed specifically to protect your bookstore passwords. Bookstore passwords are encrypted when we store them, and only parts of our system that talk to the bookstores can access the keys needed to decrypt them.  These parts of BookTrakr are specially isolated from the pages users access, making it very difficult for a hacker to even find, let alone access, the decryption keys. Having extensive background in security, we feel that we have done everything possible to safeguard your sensitive data.

Passwords to log in to BookTrakr itself are secured using industry-standard one-way encryption. Nobody—not even BookTrakr itself—can actually decrypt these passwords; you can only check if a provided password is correct. Someone attempting to break into your account would be forced to guess possible passwords until he stumbled across the right one; to make this more difficult, we encourage you to pick strong passwords.

All communications with BookTrakr are secured with SSL, the same technology that secures e-commerce and online banking sites, so nobody can steal your passwords or your sales numbers in transit.

(Technical details: Bookstore passwords in our database are encrypted with a 2048-bit RSA key. The BookTrakr frontend app has access to the public key, allowing users to set passwords, but only the backend app has access to the private key, allowing it to read those passwords later. BookTrakr login passwords are stored with bcrypt, with a different random salt for each password.)

Have more questions? Submit a request


Please sign in to leave a comment.