Sign Up

I consent to Lavawall® using cookiesRead Details
I agree to Lavawall® privacy policyRead Details
What's this?

Already have an account? Sign In!

This console's servers and data are located in Canada

Where does Lavawall® store your information and how is it protected?


An important tip on using this system:
Lavawall® uses a combination of cookies, IP addresses, browser fingerprints, and cross-site request forgery mitigation fields to protect your account. As such, opening two consoles windows, using a different browser, or a different Internet Service Provider may log you out of the console and trigger additional verification processes.

How is my data protected:
All data is stored in encrypted databases and all data is transmitted from your computers using TLS 1.2 or TLS 1.3. All passwords and MFA secrets are stored using one-way slow hashes with unique salts for each account. When you login, your password is hashed using multiple rounds of PBKDF2 slow hashing on your computer before they are sent to the Lavawall® servers, where they receive additional rounds of slow PBKDF2 hashing before being verified against the hashed password stored in an encrypted database. The only time your password is sent from your computer to our servers using TLS encryption without one-way hashing is on sign-up, where we verify that it meets PCI compliance rules and doesn't match any known weak passwords. We also use a variety of Cross-Site Request Forgery, session hijacking, and bot detection techniques to keep your account safe.

© 2017-2021 ThreeShield Information Security Corporation.