Security
Your customers can trust your community with their data and personal details.
Your community, your data
When you run a XenForo community, you control everything about it, including where and how the data is hosted.
Unlike huge social media platforms, discussions within your community will not result in ever more concerning levels of personal data being mined in order to build detailed profiles of individuals for sale to advertisers.
Your customers will appreciate the privacy and potential anonymity this can provide.
Something you know, something you have
Passwords alone are no longer enough.
Secure your customers' accounts with two-factor authentication from a variety of sources, including push-notification 2FA from Authy.
Auto-lock
Prevent brute-force attacks against your members' accounts with an automatic locking system that enforces increasingly long waits between failed attempts.
Security locking
Sometimes, accounts need to be locked.
If you suspect a user's account has been compromised or is otherwise in need of protection, you can manually lock an account and require a password change or reset.
Keep the robots out
Different communities need to protect themselves from automated agents with different defence mechanisms.
XenForo provides integrations with a range of CAPTCHA systems including reCAPTCHA, hCaptcha and others, and even a bespoke Q&A system unique to your own forum as a final line of defence.
Password hashing
User passwords in XenForo are stored using a one-way hashing algorithm, so even in the event of a catastrophic data loss, your customers' original passwords can never be discovered.
Input filtering
The XenForo architecture enforces rigorous filtering of any user input.
Any data output to templates is automatically filtered to remove any possible malicious code, unless it is expressly flagged to be output in its raw state.