Security at Prompt Library
We take security seriously. Learn about the measures we take to protect your data and ensure a safe experience.
Security Features
All data is encrypted in transit using TLS 1.3 and at rest using AES-256 encryption.
Secure authentication with password hashing, session management, and optional 2FA.
API rate limiting prevents abuse and ensures fair usage for all users.
All user inputs are sanitized and validated to prevent XSS and injection attacks.
Hosted on Vercel with automatic DDoS protection and a global edge network.
24/7 monitoring and alerting for security events and anomalies.
Security Headers
| Header | Value | Status |
|---|---|---|
| X-Content-Type-Options | nosniff | Enabled |
| X-Frame-Options | DENY | Enabled |
| X-XSS-Protection | 1; mode=block | Enabled |
| Referrer-Policy | strict-origin-when-cross-origin | Enabled |
| Content-Security-Policy | Configured for strict security | Enabled |
| Strict-Transport-Security | max-age=31536000; includeSubDomains | Enabled |
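
One way to check that a response still carries the header values in the table above. This is an added example, not Prompt Library's own code; `auditHeaders` and the sample responses are hypothetical, and Content-Security-Policy is checked for presence only because the table gives no literal value.

```javascript
// Expected values copied from the Security Headers table above.
// The table gives no literal CSP value, so CSP is checked for presence only.
const EXPECTED = {
  "x-content-type-options": "nosniff",
  "x-frame-options": "DENY",
  "x-xss-protection": "1; mode=block",
  "referrer-policy": "strict-origin-when-cross-origin",
};
const HSTS_MIN_AGE = 31536000; // max-age from the table, in seconds
// Split a directive-style value into trimmed, lowercased tokens.
const directives = (v) => v.split(";").map((d) => d.trim().toLowerCase()).filter(Boolean);
// auditHeaders is a hypothetical helper: returns findings, empty when all match.
function auditHeaders(rawHeaders) {
  const headers = {}; // header names are case-insensitive, so normalise them
  for (const [name, value] of Object.entries(rawHeaders)) {
    headers[name.toLowerCase()] = String(value).trim();
  }
  const findings = [];
  for (const [name, want] of Object.entries(EXPECTED)) {
    const got = headers[name];
    if (got === undefined) findings.push(`${name}: missing`);
    else if (directives(got).join(";") !== directives(want).join(";")) {
      findings.push(`${name}: expected "${want}", got "${got}"`);
    }
  }
  if (!headers["content-security-policy"]) findings.push("content-security-policy: missing");
  const hsts = headers["strict-transport-security"];
  if (hsts === undefined) return findings.concat("strict-transport-security: missing");
  const parts = directives(hsts);
  const age = parts.find((d) => d.startsWith("max-age="));
  const seconds = age ? Number(age.slice(8).replace(/"/g, "")) : NaN;
  if (!(seconds >= HSTS_MIN_AGE)) findings.push(`strict-transport-security: max-age below ${HSTS_MIN_AGE}`);
  if (!parts.includes("includesubdomains")) findings.push("strict-transport-security: includeSubDomains not set");
  return findings;
}
// Constructed sample responses, not captured from the real site.
const matching = {
  "X-Content-Type-Options": "nosniff", "X-Frame-Options": "deny",
  "X-XSS-Protection": "1; mode=block", "Referrer-Policy": "strict-origin-when-cross-origin",
  "Content-Security-Policy": "default-src 'self'",
  "Strict-Transport-Security": "max-age=31536000; includeSubDomains",
};
const drifted = {
  "X-Frame-Options": "SAMEORIGIN", "X-XSS-Protection": "1; mode=block",
  "Referrer-Policy": "strict-origin-when-cross-origin", "Content-Security-Policy": "default-src 'self'",
  "Strict-Transport-Security": "max-age=86400",
};
console.log(auditHeaders(matching), auditHeaders(drifted));
```

Run against a deployment's real response headers in CI, a non-empty result flags configuration drift from the published values.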
Compliance
GDPR Compliant
We comply with the General Data Protection Regulation for EU users.
CCPA Compliant
We comply with the California Consumer Privacy Act for California residents.
SOC 2 Type II
Our infrastructure provider maintains SOC 2 Type II certification.
Security Best Practices
For Users
- Use a strong, unique password for your Prompt Library account
- Enable two-factor authentication when available
- Never share your account credentials with others
- Log out from shared or public computers
- Report any suspicious activity to our security team
For API Users
- Keep your API keys secure and never expose them in client-side code
- Rotate API keys regularly
- Use environment variables to store sensitive credentials
- Implement proper error handling to avoid information disclosure
Report a Security Vulnerability
Found a security issue? We appreciate responsible disclosure.
Contact Security Team