To protect against brute-force attacks (online password guessing), we automatically block accounts if an attacker tries to repeatedly enter incorrect passwords. If this happens, you can easily restore access to your account via email.

KeepSolid does not store plaintext user passwords in our database. We use the PBKDF2 algorithm (a.k.a. slow one-way key derivery function) to automatically turn your password into a derived hash. The benefit of this approach is that, while it allows us to check if your password is correct and strong, it doesn’t let company employees view the password itself.