📄️ Best practices
📄️ CAPTCHA
CAPTCHAs are services that protect your website from spam and disruptive behaviour. They generally use risk analysis techniques in the background to tell humans and bots apart. FOSSBilling supports Google reCAPTCHA out of the box. However, you can find other CAPTCHA providers like hCaptcha in the extension store.
📄️ Multi-factor Authentication
Multi-Factor Authentication adds an extra layer of security in addition to passwords. Think of it as having two locks on the door to your house that both need to be opened before you can get in. It's an additional security step you need to complete after entering your password, which could be via various methods: a code via SMS, Google Authenticator, Authy, another app, or with a hardware key.
📄️ Reporting a vulnerability
If you discover a security vulnerability in FOSSBilling, please do not disclose it publicly. Instead see below and follow our security policy so we can take care of it without exposing more users to danger.