How Octo Browser Protects User Data

APRIL 2, 2024 PRIVACY & ANONYMITY EXPERT OPINION
Why can't high-quality multi-accounting browsers be free?
Valeryia Maksimchuk
Chief Content Creator, Octo Browser
Octo Browser substitutes the original digital fingerprint of a user with another of a real device, allowing users to create an unlimited number of accounts on any website or platform and manage them simultaneously. The data of these accounts, as well as information about the owners of such profiles, is of highly significant value. Therefore, protecting it is an important task for the Octo Team.

Let's discuss the cybersecurity threats relevant to users of multi-accounting browsers and what exactly Octo developers do to ensure the security of user data.

Table of contents

What threats can jeopardize the data security of multi-accounting browser users?

Valuable profile data can be leaked to malicious actors by users themselves by mistake, lost due to an account breach, or compromised during a multi-accounting browser database leak.

The latter scenario is highly unlikely, but it does occur occasionally. For example, there was a leak of 15% of user browser profile data from Dolphin{anty} in July 2022. Typically, such data includes cookie files, passwords saved in profile descriptions, information about cryptocurrency wallets, etc. Such a leak is impossible in Octo Browser, as data of this type is stored in encrypted form.

An additional risk arises when a team uses a multi-accounting browser. In such cases, an impostor within the team may delete, transfer, or misuse the data from profiles for their purposes.

How user data is protected in Octo Browser

We have taken all the necessary steps to ensure the safety of our users' data:
  • We store data on European cloud servers and encrypt it in accordance with the AES-256 standard. This is the most secure encryption protocol used by governments, financial organizations, banks, and enterprises.
  • The storage of data is organized in such a way that even if a malicious actor gains access to the database, they will not be able to access user profiles. Profiles are encrypted using several components at once: a secret key, a unique database key, and a user key if they have password-protected the profile. If a malicious actor does not have access to all these components at the same time, they cannot decrypt the profile.
  • To conveniently control team members’ access rights, Octo employs tags. Additionally, it is possible to view the history of profile actions and restore deleted profiles from the Trash.
Granting access rights to work with profiles to a team member

Granting access rights to work with profiles to a team member

  • If it is necessary to revoke a team member’s access rights to certain profiles, this can be easily done in your account settings in the "Team" section. Completely removing an account of a team member can be done through our Technical Support.
  • With the release 1.14, we shipped the ability for the master account to protect profile launches with a password. Without the password, the profiles cannot be launched.
Распределение прав доступа к работе с профилями для участника команды

Setting a password for profile

  • Octo Browser employees only have access to the bare minimum of personal data for product usage analytics and notifications about browser updates and current discounts. We know the user's email, subscription, and payment amounts, but we cannot see the actions users perform with their profiles.
Therefore, significant security issues on the Octo side are highly unlikely. However, statistically in most cases, data leaks are related to user actions. Therefore, it is important not only to trust the security and reliability of the browser but also to follow data safety guidelines and recommendations.

What can be done to reduce the risks of losing an account and data leaks?

A significant part of threats can be avoided by following the basic rules of information security:
  • Passwords should be complex, different for all websites, and it's highly advisable to change them regularly. It's better not to store them in a notepad kept in your desk drawer, but in a secure password manager of your choice, such as Bitwarden or Dashlane.
  • Never click on unknown links.
  • Sharing login and password information with other people is a bad idea.
  • Installing programs from unknown sources is an even worse idea.
  • Each employee should only have access to the profiles they work with.
  • If there is a software update available, it's better to update.
  • To avoid losing access to your Octo Browser account, register it using an email address that you will always have access to.
Be sure to always follow these basic rules, and try to stay up to date with the latest cybersecurity trends.

What if I accidentally delete a profile or my account? Can it be restored?

It is impossible to accidentally delete an account.
To do this, you need to send an email requesting the deletion of your account to help@octobrowser.net from the email address associated with your account containing the following statement: "I would like to delete my account name@domain.com." After that, you can also send your request to the support bot on the website or to the Telegram Support bot, and you will be notified of the result of your request within 2 minutes. It is impossible to restore access to the account data once it is deleted. Profiles are also not deleted immediately but moved to the Trash, from where they can be restored within the next 48 hours.

Stay up to date with the latest Octo Browser news
By clicking the button you agree to our Privacy Policy.

Related articles
Join Octo Browser now
Or contact the support team in chat for any questions, at any time.