Doorkeeper Security Overview
We protect your data
All data is written to multiple locations and is backed up on a daily basis. Files that you upload are stored using the Amazon S3, which stores them redundantly.
All passwords are filtered from all our logs and are one-way encrypted in the database using salted sha512. Login credentials are always sent over SSL.
Hosting Provider Security
Doorkeeper is hosted on Amazon Web Services (AWS), which has achieved ISO 27001 certification and has been validated as a Level 1 service provider under the Payment Card Industry (PCI) Data Security Standard (DSS). AWS undergoes annual SOC 1 audits and has been successfully evaluated at the Moderate level for Federal government systems as well as DIACAP Level 2 for DoD systems. For more details, see AWS Security Center.
Credit cards are processed securely
All credit cards are processed using PayPal, and Doorkeeper never receives any credit card information from users. Please see PayPal's security page for details about their security.
Up to date infrastructure
We keep our servers up to date with the latest security patches.
Doorkeeper employees do not normally have access to private data, and will only be granted access when necessary for support reasons.
Need to report an issue?
Have you noticed a security issue? Do you have a security concern? Please read our responsible disclosure policy.