At Coinigy, security is our top priority. We have taken a multitude of steps to help ensure your data is safe and secure.
- All user data is encrypted with AES 256-bit encryption and sensitive user data (encrypted or not) is never returned to the client.
- Every request on Coinigy goes through a verified and secure SSL.
- Coinigy uses a multi-tiered server architecture with complex credentials to ensure server integrity.
- Coinigy never handles your funds directly. All funds remain stored in the exchange's wallets.
- All user requests are filtered and checked on the front-end and back-end for XSS, CSRF, Clickjacking and Session Impersonation attacks.
- We use only parameterized queries to the database to further prevent injection attacks.
- Coinigy is hosted in Google's data centers and our team has a combined 30 years experience in web security and best practices.
Now, let's talk about some of the features we have that you can use to help keep your accounts secure.
- Coinigy supports passwords up to 40 characters. Use a long, unique and complex password with a mix of alphanumeric characters and symbols.
- Coinigy also supports Two-Factor Authentication (2fa) using Google Authenticator. This is a free, offline service that doesn't use Google's servers. We strongly encourage all users to enable 2FA on their Coinigy account.
- Coinigy encourages you to set restrictions on your exchange API keys which limit the capabilities they have to just the functionality you want to use on Coinigy.
- It is the user's responsibility to keep both their Coinigy account and their exchange accounts secure.
If you have any specific questions about the security of Coinigy, please email our support team and they'd be happy to get back to you with more information.