Security
At AYCOPOS, security is our priority. We implement multiple layers of protection to keep your business data safe.
Password Security
Passwords are hashed using bcrypt with 12 rounds of encryption. Your actual password is never stored.
Role-Based Access
Define roles like Admin, Manager, and Cashier with specific permissions for each.
Audit Logging
Track all user activities including who changed what, when, and from which IP address.
Login Rate Limiting
Brute-force protection with login attempt limiting. After 5 failed attempts, accounts are temporarily locked.
Security Features
CSRF Protection
All forms are protected against Cross-Site Request Forgery attacks.
Email Verification
All users must verify their email before accessing the system.
Session Management
Sessions expire after 2 hours of inactivity. Sessions are invalidated on logout.
Secure Password Reset
Password reset links expire after 60 minutes and can only be used once.
Secure Sessions
HTTP-only cookies prevent JavaScript access to session data. Same-site protection against CSRF.
Data Isolation
Each business's data is completely isolated. Users can only access their own organization's data.
Hosting Security
Your data is hosted on Hostinger's secure infrastructure with:
- Daily automated backups stored securely
- SSL/TLS encryption for all data in transit
- Server-level firewall protection
- Regular security updates and patches
- 99.9% uptime guarantee
Best Practices for Your Account
- Use a strong, unique password for your account
- Never share your login credentials
- Log out when using shared or public computers
- Regularly review user access and remove unused accounts
- Set appropriate permissions for each team member
Report a Security Issue
If you discover a security vulnerability, please report it to us immediately:
Email: info@ayubtechscope.com