Is Rhino Accounts safe?

We wrote Rhino Accounts using the latest, industry-standard security technology available today:

  • Communication to and from Rhino Accounts is encrypted using HTTPS.
  • Information stored in Rhino Accounts is encrypted using 256-bit Advanced Encryption Standard. Each encryption key is itself encrypted with a regularly rotated set of master keys.
  • Passwords are stored using Password-Based Key Derivation Function 2 to make brute-force password decryption difficult.
  • Rhino Accounts is based on the OpenID Connect protocol.
  • Rhino Accounts works only with actively supported web browsers: Internet Explorer 11 and higher, or the latest version of Chrome, Firefox, Opera, Safari, and Edge. Modern browsers reduce the risk of cross-site scripting (XSS) and help mitigate cross-site request forgery (XSRF) attacks.