BaseStack help article
Keep your account secure
Practical security habits for BaseStack accounts, billing, domains, and support tickets.
Overview
BaseStack sites are public-facing, and your account can include personal profile data, billing state, and domain settings. A few habits reduce the chance of account or support issues.
Recommended habits
Key points
- Use a strong, unique password if you sign in with email and password.
- Keep access to the email or OAuth provider tied to your account.
- Review public links before publishing.
- Do not upload secrets, private credentials, customer data, or unreleased client work.
- Use the Stripe portal for payment details instead of sending card information to support.
- Keep registrar and DNS account credentials private.
Watch for phishing
BaseStack support will not ask for service role keys, Stripe secret keys, registrar passwords, or one-time sign-in codes.