Authentication Security

How Kaana keeps your account secure.

Login Security

Secure Authentication

Kaana uses Auth0, an industry-leading authentication platform:

  • Enterprise-grade security

  • Regular security audits

  • Compliance certifications

Password Requirements

Strong passwords are required:

  • Minimum 8 characters

  • Mix of letters, numbers, and symbols recommended

  • Common passwords blocked

  • Breach detection (warns if password found in data breaches)

Password Storage

Your password is never stored in plain text:

  • Hashed using secure algorithms

  • Salted to prevent rainbow table attacks

  • We cannot see or retrieve your password

Session Security

How Sessions Work

1. Secure session creation: When you log in, a secure session is created.

2. An HTTP-only cookie is set (not accessible to JavaScript).

3. Session validation: The session is validated on each request.

4. Automatic timeout: The session automatically times out after inactivity.

Session Features

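| Feature | Description |
| --- | --- |
| HTTP-Only Cookies | Keeps the session cookie out of reach of JavaScript, limiting session theft through XSS |
| Secure Flag | Only sent over HTTPS |
| Session Timeout | Auto-logout after inactivity |
| Single Session | Option to log out other sessions |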

Account Protection

Failed Login Protection

  • Account temporarily locked after multiple failed attempts

  • Prevents brute-force attacks

  • Automatic unlock after cooldown period

Suspicious Activity

We monitor for:

  • Unusual login locations

  • Multiple failed attempts

  • Abnormal access patterns

Email Verification

  • Email addresses verified on signup

  • Notifications for account changes

  • Password reset requires email access

Password Reset

Secure Reset Process

1. Request reset: Request reset from the login page.

2. An email is sent with a secure link.

3. Expiration: The link expires after a limited time.

4. New password: You must create a new password.

5. Invalidate sessions: All sessions are invalidated after reset.
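
The five reset steps above, together with the salted hashing described under Password Storage, sketched as an added example. This is not Kaana's or Auth0's code: the `Accounts` class, the 15-minute link lifetime, PBKDF2 as the password hash, and keeping only a hash of the reset token are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
import time

RESET_TTL = 15 * 60  # assumed link lifetime; the page only says "limited time"
MIN_LENGTH = 8       # minimum password length stated on the page

def _kdf(password, salt):
    # Salted, deliberately slow hash (PBKDF2 is an assumption of this sketch).
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 600_000)

class Accounts:  # hypothetical in-memory stand-in for a user store
    def __init__(self, clock=time.time):
        self.now = clock
        self.passwords = {}  # email -> (salt, salted hash); no plain text kept
        self.sessions = {}   # session id -> email
        self.resets = {}     # sha256(reset token) -> (email, expiry time)

    def set_password(self, email, password):
        if len(password) < MIN_LENGTH:
            raise ValueError("password shorter than minimum length")
        salt = secrets.token_bytes(16)
        self.passwords[email] = (salt, _kdf(password, salt))

    def login(self, email, password):
        # Unknown accounts still go through the KDF so timing stays uniform.
        salt, stored = self.passwords.get(email, (b"\0" * 16, b""))
        if not hmac.compare_digest(_kdf(password, salt), stored):
            return None
        sid = secrets.token_urlsafe(32)
        self.sessions[sid] = email
        return sid

    def request_reset(self, email):
        if email not in self.passwords:
            return None  # the caller should still show the same "email sent" page
        token = secrets.token_urlsafe(32)  # goes into the emailed link
        key = hashlib.sha256(token.encode()).hexdigest()
        self.resets[key] = (email, self.now() + RESET_TTL)
        return token

    def complete_reset(self, token, new_password):
        key = hashlib.sha256(token.encode()).hexdigest()
        email, expiry = self.resets.get(key, (None, 0))
        if email is None or self.now() > expiry:
            return False  # unknown, already used, or expired link
        self.set_password(email, new_password)  # raises before the link is spent
        del self.resets[key]  # single use; next line ends all of the account's sessions
        self.sessions = {s: e for s, e in self.sessions.items() if e != email}
        return True
```
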

Tips for Safe Reset

  • Only request resets from the official Kaana login page

  • Check that the email sender is legitimate

  • Never share reset links

  • Use a strong new password

Protecting Your Account

Best Practices

1. Use a strong, unique password

  • Don't reuse passwords from other sites

  • Consider a password manager

2. Keep your email secure

  • Your email is used for password resets

  • Secure your email account

3. Log out on shared devices

  • Always log out when using shared computers

  • Don't save your password in public browsers

4. Watch for phishing

  • Verify URLs before entering credentials

  • We'll never ask for your password via email

Signs of Compromise

Watch for:

  • Login notifications you didn't initiate

  • Password reset emails you didn't request

  • Unfamiliar activity in your account

  • Settings changes you didn't make

If you notice these, change your password immediately and contact support.

Administrator Controls

User Management

  • Invite and remove users

  • Set role-based permissions

  • Monitor user activity

Security Settings

  • Enforce password policies

  • Review access logs

  • Manage API keys

Deactivating Users

  • Immediately revoke access

  • Block future login attempts

  • Preserve data for audit

Logging Out

How to Log Out

1. Click your profile menu.

2. Select "Log Out".

3. Your session is terminated.

4. You are redirected to the login page.

Automatic Logout

Sessions expire after a period of inactivity for security.
