WAVE utilizes the following technology to ensure the security of all avenues of possible illicit behavior from an outside aggressor:
- OpenSSL for network connections
- By default, we disabled deprecated and insecure protocols and use only TLS v1+. The Transport Layer Security protocol aims primarily to provide privacy and data integrity between two communicating computer applications.
- Server -> Client (Mobile, Desktop, Web) Communications- HTTPS
HTTPS is used by default for all connections. - Email - TLS / SSL
TLS is the default option for the Email Server.
- Server -> Client (Mobile, Desktop, Web) Communications- HTTPS
- Salted/Hashed Passwords
- Local Credentials (e.g. local user accounts) are protected using a salted MD5 hash
- WAVE Sync Credentials (e.g. WAVE Sync user account) use a complex multi-level hash
- By default, we disabled deprecated and insecure protocols and use only TLS v1+. The Transport Layer Security protocol aims primarily to provide privacy and data integrity between two communicating computer applications.
