STASH was built to protect and secure every kind of digital data. We use multiple digital and physical tactics and protocols to ensure that the data stored in your private vault is secure.
Since data thieves want to know too, you won’t find all the secrets here. What we can tell you is that these powerful tools are only a part of STASH’s unique security arsenal – the way all stored data will be protected in the future:
STASH uses AES256 (Advanced Encryption Standard with 256 bit key length) to protect your data. When implemented properly, this powerful encryption, the highest standard used for the most sensitive data in the world, would take a lifetime, even several lifetimes for data thieves to hack. In addition not only does every user have a completely unique key to access their data, STASH uses another unique key that combined with the user key, makes for one of the as-secure-as-it-gets standards we use along with others, to protect access to your vault.
Your files are kept securely on servers hosted in world-class data centers in many different places. In fact, your data is generated in multiples to ensure resiliency. It cannot be lost. It is protected using Datacentric Security that in very simple terms, shreds the data. These pieces cannot be put back together again until they are called up by you. Even if an attacker is able to compromise a server your data is stored on, all they will see is unrecognizable digital confetti. Nothing to steal.
Anytime you upload files into Stash, or download files from STASH to a computer, they are protected by TLS (Transport Layer Security), the most effective tool for securing data in motion. TLS is the "S" in the HTTPS of the STASH URL (the address you type into the browser bar to get here). It is the same encryption and highest level of protection that banks, e-commerce, and governments use to keep their data protected while in transit across the Internet.
Making sure you, not someone impersonating you, are accessing your data is of vital importance. It is at the very core of why we built STASH.
Someone pretending to be someone else is a major factor in data theft. At STASH, your username belongs to you – and your password does too. We don’t want it (and we’ll never ask you for it). We store only a hash (an anonymous characterization) of your password, not the password itself, so that your vault will recognize you when you sign in and out.
We also use two-factor authentication, something you may be familiar with. This method of proving that you are actually YOU, by sending a text or calling you with an extra code you must provide to access a site is becoming more and more important in the fight against hackers.
STASH has taken this critical game-changer one step further. We use a groundbreaking technology that integrates with your smartphone when logging into Stash. If your smartphone confirms what's on the Stash login page, you are in, and and attackers with just your username and password, are OUT!
No one at STASH knows who you are. No one at STASH can access or see anything in your vault. We do not collect or save your password. We DO need your email address to communicate with you, which we keep along with your username (which can be anything you want it to be). In fact, we encourage you to choose a username that is as unique and unidentifiable as can be. Your billing information must match what is on file with your credit card company, but after you fill in that information at STASH, it is sent immediately and automatically to Authorize.net, our credit card processor. No trace of your information is kept at STASH. Why don’t we offer PayPal? Only Authorize.net is recognized around the world as the #1 choice for secure transactions.
This is what you can count on when you choose STASH to protect your data:
At STASH, we view privacy and security as a right, not a privilege.
We are as fiercely dedicated to the security and privacy of your most valuable data and keepsakes as we are to our very own.
We wouldn’t have it any other way. Neither should you. Now you don’t have to.