About security

Cryptact puts the highest priority on our customers privacy and security.

Here are how that policy is implemented.


Password generation rules

A password should be at least 8 characters, and can be up to 30 characters.

It should contain at least 1 lower case letter, 1 upper case letter, 1 numeric letter, and the same letter cannot be used more than twice.


Account lock

Your account is locked if login attempts failed more than 5 times with incorrect passwords.


How we store your password

Your password is stored after being salted with sufficient rounds and hashed, so that even Cryptact doesn't know your password.

At the same time, please consider using an email address which you don't use any other place, and please don't reuse your password with the other places.



2FA can be enabled via settings. We support usual SHA1 as well as SHA256/512 for more robustness.  Please be noted that we might only enable the upcoming new features for those who enabled 2FA.