Skip to main content
Security is a core part of Writtte, not an afterthought. We design every system to protect your data at every stage, from creation to storage to access.

How we protect your data

Your documents are valuable. We use industry-standard security practices to keep them safe.

Encryption at rest

All documents stored in Writtte are encrypted using AES-256 encryption. This is the same encryption standard used by banks, government agencies, and security-critical systems worldwide. What this means for you:
  • Your documents are encrypted before they are stored
  • Even if someone gained unauthorized access to our storage systems, your content would be unreadable
  • Encryption keys are managed securely and separately from encrypted data

Encryption in transit

Every time you access Writtte or save your work, that data travels between your device and our servers. We protect this communication using TLS encryption. What this means for you:
  • Your data is encrypted while traveling over the internet
  • No one can intercept or read your documents during transmission
  • You can verify the secure connection by checking for the lock icon in your browser

Secure access controls

We strictly limit who and what can access your encrypted data. Access is granted only to authorized application services that need it to function. Our approach follows the principle of least privilege:
  • Systems and processes receive only the minimum permissions required
  • Access is logged and monitored
  • Unauthorized access attempts are blocked automatically

Infrastructure security

We build Writtte with security best practices throughout our infrastructure:
  • Secure key management: Encryption keys are stored separately from data and managed using industry-standard practices.
  • Regular updates: We keep all dependencies and security components up to date with the latest patches.
  • Isolated environments: Critical services run in isolated environments to prevent unauthorized access.
  • Monitoring and logging: We monitor systems for suspicious activity and maintain logs for security analysis.

Your role in security

While we protect the platform, you play an important role in keeping your account secure.

Best practices for users

  • Use a strong password: Choose a password that is unique to Writtte and meets our security requirements (8-128 characters with uppercase, lowercase, numbers, and special characters).
  • Keep credentials private: Never share your password or account details with others.
  • Verify emails: Only click links in emails that you requested (such as sign-up verification or password reset).
  • Sign out on shared devices: If you use Writtte on a public or shared computer, always sign out when finished.
  • Update your password regularly: Consider changing your password periodically, especially if you suspect unauthorized access.

Questions about security?

If you have specific security concerns or questions about how we protect your data, you can:
  • Review our security practices in this documentation
  • Contact our support team for detailed information
  • Check our GitHub repository for technical implementation details
If you discover a security vulnerability, please report it responsibly through our GitHub repository or by contacting our security team directly.
We take security seriously and continuously work to improve our protection measures. Your trust is important to us, and we are committed to keeping your writing safe.