In our previous news article, we indicated that we felt the best way to implement security enhancements was to scrap everything and start over, which would secure data from the start. This was, of course, a silly notion on our part. Security advancements are made in the technology industry all of the time and data does not need to be thrown out to be secured.

What's the new plan?

Password security is going to be our primary focus before we expand to other user data. We don't collect much user data to begin with for very good reason: the more data we collect, the greater the potential liability we assume in protecting it! So to start, we are changing the way we store your password. Don't worry, we're already NOT storing you passwords in plain text! However, we feel we can do better and so we are.

Upon implementation of these changes, we're going to require all users to change their passwords, which will ensure your password is updated and stored using a much more secure hashing algorithm.

What about our other data?

In time, our friends... in time! We are also working on encrypting other user data we collect to ensure it's safe in our databases. For instance, when you register an account, we ask for your date of birth which may be used to ensure applicable child safety laws are followed if and when applicable. We can encrypt that data to make it harder to link a birth date to an account. Behind the scenes, we also collect a little information about where you're from, which helps us spot hijacked or stolen user accounts and get them returned to their rightful creators. We'll be encrypting that data as well, for example.

We'll keep you posted as these updates begin to roll out, which we hope to see begin happening very soon!

-The NormanNetworksITS Team