Security
Last updated: February 2026
Your security is our priority. Here's how we protect your data.
Non-Custodial Service
Mining Tracker is completely non-custodial. We never:
- Store or have access to your private keys
- Sign transactions on your behalf
- Move or control your cryptocurrency
Authentication Security
- Passwords are hashed using Argon2id (winner of the Password Hashing Competition)
- Secure OAuth integration with Google and GitHub
- Optional two-factor authentication (TOTP)
- Rate limiting to prevent brute-force attacks
Data Protection
- All data encrypted at rest and in transit (TLS)
- Strict data isolation between users
- Regular encrypted backups
You Are In Control
- Export all your data anytime
- Delete your account completely
- Enable/disable 2FA as needed
Responsible Disclosure
If you discover a security vulnerability, please report it to: security@gomining-tracker.com
Security Summary
Non-custodial (no access to funds)
Argon2id password hashing
Optional 2FA (TOTP)
Rate limiting on auth
Encrypted data at rest
TLS everywhere
Data export available
Full account deletion