Security

BananaBird-Stage logo

Security Philosophy

BananaBird-Stage is designed around the idea that personal financial data should be treated carefully, deliberately, and with restraint.

Security is not handled as a single feature. It is considered throughout the application, including authentication, authorization, data access, logging, and how financial information is entered and managed.

Account Protection

  • Strong password requirements
  • Email verification
  • Optional Google sign-in
  • Multi-factor authentication
  • MFA recovery codes
  • Recent password confirmation for sensitive actions
  • Session regeneration after login
  • Rate limiting across application endpoints

Data Protection

BananaBird-Stage does not connect to banks, brokerages, credit cards, or other financial institutions. This is intentional. There are no third-party financial data integrations.

All financial information is entered by you - manually or imported from files you provide. This limits the amount of external access involved and keeps you in control of what the application can see.

Application-level authorization checks are used to help ensure users can only access their own data.

Logging & Auditing

Security-related events are logged and audited so important account activity can be reviewed when needed.

This includes events such as authentication activity, MFA-related activity, account protection events, and other security-sensitive actions within the application.

Infrastructure Practices

BananaBird-Stage is deployed with a focus on protecting both the application and the infrastructure it runs on. Current practices include:

  • Hosted on Amazon Web Services (AWS)
  • Full disk encryption for production storage
  • Encrypted HTTPS connections for all web traffic
  • Firewalls configured to expose only required public services
  • Administrative access restricted to authorized IP addresses
  • Regular backups stored on encrypted storage

Privacy by Design

  • No bank integrations
  • No advertising
  • No sale of financial data
  • No financial profiling
  • No third-party financial aggregation

Your Role in Security

Security works best when both the application and the user take reasonable precautions.

  • Use a unique password
  • Enable multi-factor authentication
  • Keep recovery codes somewhere safe
  • Review temporary users regularly
  • Log out of shared or public devices
  • Keep your browser and devices updated

Responsible Disclosure

If you believe you have discovered a security issue, please report it privately through the Support page.

Though we do not run a Bug Bounty program at this time, responsible reports are appreciated and will be reviewed seriously.

Continuous Improvement

Security is reviewed as BananaBird-Stage evolves. New features are evaluated for security impact, and additional protections may be added over time where they make sense for the application and its users.