Security and Privacy are front and center within the architecture of Red Folder. We have ensured that your data is safe and secure. Furthermore, our architecture puts the security of your account and your data under your control (as described in our TOS and Privacy statements). In addition to the SSL (Secure Socket Layer) certificate which we use to establish the encrypted connection between your computer/tablet and the Red Folder servers (the HTTPS in the browser window), we have implemented defense in depth security methodologies.
Step 1 : When you login to Red Folder you encounter the UserID/Password challenge.
Step 2 : Two-step authentication validates you have control of your account when you type in the security code Red Folder transmits to you.
Step 3: Secret encryption key is created by you and protected by you. You provide your designees this secret key so they may unlock your data.
We insist you use a strong password to protect your account. And yes, we agree passwords are a pain to remember, and for this reason we recommend the use of a either a commercial password manager or a manual password manager to keep your accounts and associated passwords safe. With Red Folder you will be able to recover and reset your Red Folder password in the event you forget.
While your password enables your ability to engage with Red Folder, your authenticating yourself with our two-step authentication process gives us a high degree of certainty that the individual who is entering the User ID and Password is the same individual who registered and verified their SMS (text message) enabled phone. We use this two-step process every time you login to Red Folder or change your passwords.
We use an encryption key to encrypt your data. That is to say, a secret encryption key, when mixed with your data, will produce data which is unreadable without the secret encryption key which was used to encrypt the data. Remember some key items concerning your secret encryption key:
- Red Folder does not create this key, you do.
- Your secret encryption key is of your own creation.
- An encryption key is a pass phrase or string of characters of your choosing
- Red Folder cannot distribute this key to your designated trustees, you must do so.
- Should you lose this secret encryption key, Red Folder can not reset the secret key on your behalf.
- Keep your secret encryption key in a safe place (not on your computer, smartphone or tablet).
Access to data
Only after following all the security protocols, including entering the correct secret encryption key are you or your designee able to review and read the account entries within your Red Folder.