How ClikIT Care secures your credentials

As part of our commitment to securing the web, we wanted to share briefly how we store your credentials you give us when signing up for ClikIT Care. As part of our sign up flow, after you purchase a maintenance plan, you’re redirected to fill out your site username, password, and hosting details. We use Forminator by WPMU DEV to collect those form entries, but by default, those entries are not encrypted or secured. In simple terms, they’re in plain text.

Forminator is not designed for collecting username and passwords. But, we love their product. With use of their REST API, we were able to route all entries of the form to 1Password, it uses a private REST API connection with ES256 signing algorithm. 1Password ensures robust security by employing end-to-end encryption, making data interception impossible, and using AES-GCM-256 encryption for data protection, which is virtually indecipherable. Additional security measures include cryptographically secure random number generation, PBKDF2-HMAC-SHA256 for key derivation to significantly delay password cracking, and a distinct 128-bit Secret Key combined with your password for enhanced encryption, all while ensuring your password and Secret Key are never stored or transmitted together.

From there, our 1Password Connect server is protected by strong passwords & is kept up tp date with the latest security patches.

So, when we ask for your site details, we promise to keep them secure & we take it seriously. Our dedication to security is the gold standard, and we take pride in it!