How Landager Stores Passwords Securely (Bcrypt Hashing)
Learn how Landager protects your password using bcrypt hashing. Understand why your credentials are safe, what hashing means, and why we never store plaintext passwords.
Your Landager account holds sensitive data — tenant information, lease documents, financial records, and more. We take password security seriously and use industry-standard protection to keep your credentials safe.
We Never Store Plaintext Passwords
When you create a Landager account or change your password, the actual text you type is never saved anywhere in our system. Not in the database, not in logs, not in backups.
Instead, we use a process called hashing to convert your password into an irreversible scrambled string before storing it.
What is Bcrypt?
Bcrypt is an industry-standard password hashing algorithm specifically designed for securing credentials. Here's how it works:
- You enter your password (e.g.,
MySecurePass123!) - Bcrypt adds a random salt (extra random data unique to your password)
- The algorithm runs the salted password through multiple rounds of cryptographic processing
- The result is a hash — a fixed-length string that looks nothing like your original password
- Only the hash is stored in our database
Why Bcrypt is Secure
- One-way function: You cannot reverse-engineer the original password from the hash. There is no "decrypt" process.
- Salted: Each password gets a unique random salt, so even if two users have the same password, their stored hashes are completely different.
- Computationally expensive: Bcrypt is intentionally slow to compute, making brute-force attacks (trying millions of passwords) impractical.
- Battle-tested: Bcrypt has been used by major companies and security professionals for decades.
What This Means for You
- Even our team can't see your password: Database administrators cannot view or recover your actual password from the stored hash.
- Data breach protection: In the unlikely event of a database breach, attackers would get hashes — not usable passwords.
- No password recovery: Because we can't reverse the hash, we use OTP verification for password resets instead of sending you your "old" password.
Google OAuth Users
If you signed in with Google OAuth, Landager doesn't store any password for your account at all. Authentication is handled entirely by Google's infrastructure, and we only receive a secure token confirming your identity.
Your Role in Security
While we protect your password on our end, account security is a partnership:
- Choose a strong password: See Tips for Creating a Strong Password
- Don't reuse passwords: If another site is compromised, your Landager account stays safe
- Update regularly: Change your password periodically via Settings
- Keep your email secure: Your email is the key to password resets
Ready to simplify your rental business?
Join thousands of independent landlords who have streamlined their business with Landager.
Related Reading
How to Change Your Password While Logged In
Already signed in and want to update your Landager password? Learn how to change your password from the Settings page to keep your property management account secure.
How to Sign Up with Email and Password
Step-by-step guide to creating your Landager account using email and password registration. Learn what information is required, how your password is protected, and what happens after sign-up.
Tips for Creating a Strong Password
Best practices for creating a secure password for your Landager property management account. Protect your tenant data, financial records, and lease documents with a strong password.