Question

While creating a Twilio Zap (and others), we are required to provide the Account Sid and the Account Token for your existing Twilio account.

I suppose this is stored by Zapier somewhere (hopefully with reversible crypto), otherwise they cannot execute future requests. Does anybody know how safe this is? Have they published any information about how they protect this data?

EDIT

Well, nothing some googling couldn't help

https://zapier.com/help/data-privacy/

Yes, they encrypt the data with AES and store the keys separately. I guess there will always be the danger of data breaches, but that's the trade-off.

I just wonder why their own login credentials use SHA (with 1000 iterations), while I believe the most recommended would be bcrypt.


Solution

Zapier co-founder here, we've recently updated to use PBKDF2 with 10k iterations (the standard Django hashing scheme). We'll progressively update these from time to time as standards dictate.
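
The progressive upgrade mentioned in the answer above is usually done at login, the only moment the plaintext password is available to re-hash. The following is an added example, not Zapier's or Django's code: the `algorithm$iterations$salt$hash` layout follows Django's encoded format, and the function names, salt and passwords are constructed for illustration.

```python
import base64
import hashlib
import hmac
import secrets

ALGORITHM = "pbkdf2_sha256"
TARGET_ITERATIONS = 10_000  # figure quoted in the answer; raise as standards dictate


def encode(password: str, salt: str, iterations: int) -> str:
    """Return 'algorithm$iterations$salt$hash' (Django-style layout)."""
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt.encode(), iterations)
    return f"{ALGORITHM}${iterations}${salt}${base64.b64encode(dk).decode()}"


def verify_and_upgrade(password: str, stored: str) -> tuple[bool, str]:
    """Check a login attempt; return (ok, hash_to_store).

    On success with an outdated work factor, the second element is a fresh
    hash at TARGET_ITERATIONS (with a new salt) that the caller should persist.
    """
    try:
        algorithm, iterations_s, salt, _ = stored.split("$")
        iterations = int(iterations_s)
    except ValueError:
        return False, stored  # malformed record: reject, change nothing
    if algorithm != ALGORITHM or iterations < 1:
        return False, stored
    # Recompute with the record's own parameters, compare in constant time.
    candidate = encode(password, salt, iterations)
    if not hmac.compare_digest(candidate.encode(), stored.encode()):
        return False, stored
    if iterations < TARGET_ITERATIONS:
        return True, encode(password, secrets.token_hex(16), TARGET_ITERATIONS)
    return True, stored


def demo() -> tuple[str, bool, str]:
    # Constructed sample: a record hashed at a lower iteration count.
    old = encode("correct horse", "constructedsalt", 1000)
    ok, upgraded = verify_and_upgrade("correct horse", old)
    return old, ok, upgraded
```

Accounts that never log in again keep their old work factor, so the stored iteration count is worth tracking when the target is raised.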

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow