Security
What We Do
Password hashing — Passwords are hashed. We never see or store your plain password.
Secure transmission — Data is encrypted in transit (HTTPS).
Session handling — Tokens are stored in the browser. Sign out on shared devices.
Best Practices
Strong password — Use at least 8 characters. Mix letters, numbers, and symbols. Avoid reuse across sites.
Do not share credentials — Never share your password. We will not ask for it by email.
Sign out on shared devices — If you use a public or shared computer, sign out when done.
Report suspicious activity — If you see something wrong, contact info@hokai.io.
Change Password
Go to Settings → Security. Use the change password flow. You will need your current password. We do not support 2FA yet — we will announce it when available.