How Rownd protects your users.
Feature | Attack signal/vector | How it works |
---|---|---|
Suspicious IP Throttling | Rate of sign in attempts from a client. | Automatically throttles clients that try to sign up or sign in too quickly. Also automatically de-duplicates emails and text messages from similar sign-in attempts to reduce costs. |
Brute Force Protection | N/A | Passwordless means reduced risk of brute-force attacks. |
Passwordless Sign-in | Breached passwords | Passwordless means no breached passwords. |
Domain Allow-listing | Credential hijacking | Rownd provides a domain allow-list option, creating a critical extra layer of security. Every customer should use this in production. |
Data Encryption | In-transit data capture | Rownd uses encryption in databases and adheres to state-of-the-industry best practices, such as SSL, database encryption, and other techniques to secure user data. |