Security & Compliance
Authentication & 2FA
Account security, passwords, and two-factor authentication.
Stak uses JWT-based authentication with HTTP-only secure cookies. Passwords are hashed with bcrypt. Two-factor authentication (TOTP) can be enabled per user for additional security. 2FA is enforced for admin roles on Enterprise plans.