Security
How Hextrade stores and protects user passwords, broker credentials, and sensitive data
Security
Security is a core priority at Hextrade. We use modern industry-standard practices to protect user accounts, connected broker platforms, and sensitive system data.
This page provides a high-level overview of how security is handled across the platform.
Account Security
Password Protection
Passwords are never stored in plain text
They are protected using bcrypt one-way hashing
Each password includes a unique cryptographic salt
Passwords cannot be recovered, only verified during login
This approach follows widely accepted security guidance such as OWASP password storage recommendations.
Login & Access Controls
To protect user accounts:
Authentication checks are enforced on all protected endpoints
Access is restricted to authorized users only
Suspicious login behavior may trigger additional safeguards
Users are encouraged to enable Two-Factor Authentication (2FA) for additional protection
Connected Broker & Platform Security
When you connect a broker or trading platform:
Sensitive credentials are encrypted before being stored
Encryption uses AES-256-GCM, a modern authenticated encryption standard
This ensures stored credentials are not readable in the database
Credentials are decrypted only when required for authorized trading or API operations
Using authenticated encryption helps protect both:
Confidentiality — data cannot be read without authorization
Integrity — tampered data is automatically rejected
Data Protection
Hextrade applies multiple layers of protection to sensitive information:
Encryption for confidential data
Secure HTTPS communication across services
Restricted access to protected system resources
Internal safeguards to reduce accidental exposure
We follow the principle of least privilege, meaning services and personnel only receive the minimum access required to perform their role.
Platform Monitoring & Maintenance
To maintain a secure environment, we:
Monitor systems for suspicious activity
Regularly update infrastructure and dependencies
Apply security patches and improvements
Continuously review platform security practices
Security is treated as an ongoing process, not a one-time setup.
User Best Practices
You can help keep your account secure by:
Using a strong, unique password
Enabling Two-Factor Authentication (2FA)
Keeping your devices secure
Logging out of shared computers
Reporting suspicious activity immediately
Responsible Disclosure
If you believe you’ve discovered a security vulnerability, please report it responsibly to:
Include as much detail as possible so our team can investigate quickly. We appreciate responsible disclosures that help improve platform safety.
Hextrade is committed to maintaining a secure and trustworthy trading environment for all users, and we continuously improve our systems to meet evolving security standards.
Last updated