Strong Encryption Standards

Safeguarding customers' data such as passwords is top most priority of every organisation. We understand this, and PHPKB knowledge base encryption standards provide advanced security through a secure encryption algorithm that protect your crucial data.

An effective knowledge base provides not only protection of confidential data at storage level, but also during transit. Therefore, PHPKB knowledge base application provides data security in two ways:

Data-at-rest Encryption

Encryption is transforming readable text or data, called plaintext, into an unreadable code called ciphertext using key (public key/private key) or hash. The opposite process of converting that ciphertext to plain text is called decryption. PHPKB knowledge base system implements data-at-rest encryption by encrypting all the crucial data before storing it to a database. The encryption technology at PHPKB uses a cryptographic algorithm which is not reversible i.e. it is not possible to decrypt a hash value created by the algorithm. The only way to get the original form of encrypted data from "one way encryption" is brute force hacking, which is extremely resource intensive, and not practical.

Data-at-transit Encryption

Every knowledge base software needs to make communication between web server and web browser. For instance, when you collect sensitive data from users through web forms, knowledge base tool sends this sensitive information to server for further processing. If a plain text is sent, hackers have a good chance to steal the information at this stage and therefore, PHPKB knowledge base tool provides a encrypted data communication mechanism for all its cloud-hosted customers. All the network communications are done over protected HTTP Secure (HTTPS) protocol in PHPKB knowledge management system to prevent third parties from eavesdropping on or tampering your data.

Password Encryption and Security Best Practices

PHPKB's password security controls enforces many restrictions like minimum password length, presence of special characters in a password to ensure that users set strong passwords. It also utilises two-factor authentication for accounts created through signup page i.e. sends a confirmation email before activating the user account. Beside all the efforts of a software, humans intervention for setting secure passwords is desired. Below are few guidelines that would assist your team and customers in creating strong passwords and making your knowledge base accounts more safe and access to knowledge base more secure.

• Never use commonly used words and easy to guess passwords.
• Always change the default password that is sent when your account is manually created in knowledge base.
• Change your passwords at least every three months.
• Must be between 8 and 20 characters in length.
• A strong password must contain at least 3 of the following four items: a number, an uppercase letter, a lowercase letter, a special character.