Security policy
Dental Display QA, 7/7/2017
All communications (i.e. data) between the user’s browser and the Dental Display QA website is encrypted using the Hyper Text Transfer Protocol Secure or https:// .
All user authentication and password management is performed by Auth0, Inc. No user names or passwords are ever stored by Dental Display QA. Auth0 helps you prevent critical identity data from falling into the wrong hands. Passwords are never stored as clear text - they are always hashed securely using bcrypt. Both data at rest and in motion is encrypted - all network communication uses TLS with at least 128-bit AES encryption. Auth0 takes advantage of the industry's most sophisticated, battle-tested infrastructure. Auth0 runs on hardened Linux hosts with automatic security patching, carefully-configured security groups, segmented VPCs, and role-based access controls, combined with many other advanced protections built into the cloud infrastructure. Auth0 safeguards users with default email verification at account creation time and during password resets. From the start, Auth0 has been built on tested, verified identity standards, including LDAP, SAML, OAuth, OpenID, OpenID Connect, and JSON Web Tokens (JWTs) - all of the common and most popular identity standards.
Auth0 is SOC 2 Type II certified - an independent auditor has evaluated our product, infrastructure, and policies, and certifies that Auth0 complies with their stringent requirements
Auth0 conforms with the brand-new EU-US Privacy Shield Framework for regulating privacy in data flows between the European Union and the United States
Auth0 conforms to the OpenID Connect protocol, and our products are certified by the OpenID Foundation