Security

Your login credentials are locked down the moment you save them. They are never stored in plain text. The encryption keys that protect them are stored separately from your data, so even if our servers were compromised, your credentials would remain unreadable.

Each browser login monitor runs in its own separate browser process. After every run, the browser is shut down and all session data is discarded. No cookies, session tokens, or cached data carry over between runs. One monitor cannot access data from another.

All data is encrypted at rest and in transit. Your monitoring data is replicated across data centers for durability. Automated backups run daily and are retained for 14 days. If something fails, your monitoring history is recoverable.

Every request to your account requires authentication. Automated protections limit repeated requests to prevent abuse. Sessions expire automatically after inactivity. No one can access your account data without signing in.

All traffic to Velprove is protected by Cloudflare, which blocks malicious traffic before it reaches our servers. Internal services run on private networks that are not accessible from the internet. Communication between our servers is cryptographically verified to prevent tampering.

When a browser monitor fails, we capture a screenshot so you can see what went wrong. Screenshots are stored in secure cloud storage with unique, unguessable URLs. Only your account can access your screenshots. They are automatically deleted based on your plan's retention period.

Create a dedicated monitoring account on the service you want to monitor. Give it the minimum permissions needed to log in and verify the dashboard loads. Do not reuse your admin credentials.

If the monitoring account has two-factor authentication (2FA) enabled, disable it for that account only. Browser login monitors cannot complete 2FA prompts. Since this is a limited-permission account with no access to sensitive settings, this is the safest approach.