BaseStack help article

Keep your account secure

Practical security habits for BaseStack accounts, billing, domains, and support tickets.

Overview

BaseStack sites are public-facing, and your account can include personal profile data, billing state, and domain settings. A few habits reduce the chance of account or support issues.

Recommended habits

Key points

  • Use a strong, unique password if you sign in with email and password.
  • Keep access to the email or OAuth provider tied to your account.
  • Review public links before publishing.
  • Do not upload secrets, private credentials, customer data, or unreleased client work.
  • Use the Stripe portal for payment details instead of sending card information to support.
  • Keep registrar and DNS account credentials private.

Watch for phishing

BaseStack support will not ask for service role keys, Stripe secret keys, registrar passwords, or one-time sign-in codes.