It’s our top priority at HoneyBook to keep you and your business safe and secure at all times. We practice the highest standards of security to ensure that your password is never stored, and therefore not vulnerable to data breaches.
However, not all websites implement the same standards of practice, which can make your password vulnerable if you’ve used the same password for multiple sites.
In order to keep your HoneyBook account safe beyond our own security practices, we regularly conduct additional checks to find out if your HoneyBook account password has been compromised in external data breaches (i.e. another site was hacked and did not store user passwords in a secure way, and the password you use for that site and for your HoneyBook account are the same).
In the process of checking passwords against other data breaches, all passwords are hashed, so there is no security risk in this process.
If we are ever made aware that your HoneyBook password has been compromised elsewhere, we will let you know via a message inside your HoneyBook account, and encourage you to change your password right away. Use a strong and a unique password for your HoneyBook account, to ensure that your password cannot be compromised by use in another account.
Below you’ll find some best practices on password hygiene in case they may be helpful to you:
Use long passwords that contain letters, number, special characters, and a mix of capital and lowercase letters
Do not use real words in your passwords
Never reuse a password
Regularly change passwords (quarterly is recommended) for websites and services that contain or handle sensitive information, like Personally Identifiable Information (PII), credit card or banking information, or anyone else’s PII (like your clients')
If you are part of a data breach, you should consider changing all of your passwords
It can be helpful to use a password manager if you have many accounts with sensitive information, in order to maintain strong and unique passwords