We understand the level of trust you’re placing in us when choosing to store your important information – as well as precious memories – in a Keylu account, that’s why we place the protection and security of your data at the very centre of our service offering.
We at Keylu take security very seriously. It underpins how our product is designed and implemented, and the policies we have in place for maintaining that security.
Keylu has moved from using email-address-and-password to a Passwordless authentication system. The way it works is simple - each time you sign in, you enter your email address and receive a one-time code that is used to sign in instead of a password.
Why Keylu moved to a Passwordless system
Your information is encrypted and stored using industry leading technology. All communications with Keylu - when you load a page, upload documents or submit a form - are protected by 2048-bit SSL certificate encryption. When we store your data at rest everything is encrypted using 256-bit AES encryption, one of the strongest available. 
Often referred to as MFA or 2FA, multi-factor authentication adds an additional layer of security via SMS or an authenticator app, protecting your most sensitive data and ensuring no one but you has access. We use step-up multi-factor authentication, this means you can sign in without MFA, but in order to access data already stored or to perform certain key tasks, you will be required to sign in using your second authentication factor on demand.
At Keylu we follow a strict set of processes and protocols to safeguard your data and ensure that no-one but you and the people you allow (like your Trusted Contacts) will have access. Keylu employees are not able to access your data under any circumstances.
One of our founding principles is that we will never share your data with a third party without your consent. Your data is yours, and only you can make the decisions on how you want to share it.
For redundancy purposes your data is securely replicated to two different geographic locations around the world. This ensures that should something happen to the data stored in one location, your data can be recovered from another. This replicated data is secured and stored in the same way as the primary data, and governed by the same rigorous security protocols.