DataInherit has implemented the "secure remote password protocol" (SRP). The method was invented at Stanford University by Tom Wu (RFC 2945). Using SRP DataInherit provides maximum security against internet threats like eavesdropping and dictionary attacks and still is easy to use. Another important aspect of SRP is that DataInherit must neither store your password nor any one-way function of the password. Read more about SRP at http://en.wikipedia.org/wiki/Secure_remote_password_protocol.

DataInherit designed and developed together with its scientific partner Zurich University of Applied Sciences a new way how to generate easy to memorize (but still strong) passwords and visualize the "how secure the password is" in the most simple way.

DataInherit can never read a client data or client logins (username and password). Therefore the client data is highly secure and protected against fraud. This also means that the client is never to forget his login because his data would be lost in this case. To help in situations of lost or forgotten login DataInherit provides our clients with the “Login Recovery Code” form. The client’s personal login recovery code can be printed from within the client’s account. Important: Do not forget to print this form and keep it in a safe and confidential place.

DataInherit targets maximum security for our clients. DataInherit therefore offers to all clients a strong authentication method (see user preferences for activation) called mTAN. We recommend to our clients to make use of this additional strong security feature. With mTAN activated the user will be asked at login to type in a onetime password that was delivered to him over the mobile network by text-message (SMS). This so called mTAN is proven to be more secure than many other 2-factor authentication methods such as TAN or iTAN. For more information on 2-factor authentication please read: http://en.wikipedia.org/wiki/Two-factor_authentication.

Strong encryption is a core quality and competence of the DataInherit application. DataInherit even encrypts passwords in the memory of the client computer when the DataInherit password safe is in use. Only when a single password is actually viewed or used by the client it will be temporarily decrypted and displayed.

DataInherit encrypts all client data with highly secure and worldwide acknowledged encryption methods (RFC 2898). No hackers, government agencies or DataInherit staff members can ever access client data and information that is stored with DataInherit. DataInherit makes use of well-researched cryptographic standards such as AES-256 and RSA-2048, without compromise. Both standards provide a proven security for many years to come. For more information on cryptographic keys please read: http://www.keylength.com. 

The DataInherit application and data storage – and therefore all client data – are only hosted with highly secure datacenters inside of Switzerland. DataInherit datacenters further on comply with the specific regulations of the Swiss Federal Banking Commission. Providing long-term archiving DataInherit makes use of specialised archiving facilities in former Swiss military infrastructure inside the Alps.

DataInherit subscribes to McAfee Secure service that performs vulnerability scans and compliance checks of DataInherit’s web services on a daily basis. Please see the corresponding seal shown on the bottom of this page. Clicking on the seal will reveal the latest scan reports.