Your cloud credentials and files, fully protected
Nubbo encrypts all provider credentials with AES-256-GCM, supports two-factor authentication and uses presigned URLs so your files never pass through our servers. Security built into every layer.
Security at every level
Your cloud storage credentials are encrypted at rest with AES-256-GCM before being stored. The encryption key lives as an environment variable and never touches the database. All file transfers use presigned URLs. Your data travels directly between your browser and your provider.
- AES-256-GCM encryption for all stored provider credentials
- Two-factor authentication (TOTP) with recovery codes
- Presigned URLs: files never pass through Nubbo's servers
- Email verification, session management and remote device logout
How your data stays safe
Your API credentials are encrypted with AES-256-GCM the moment you save them
All file transfers use presigned URLs, direct from your browser to your provider
Enable 2FA and manage active sessions from your security settings
Frequently asked questions
No. Nubbo never stores, reads or processes your files. All uploads and downloads use presigned URLs for direct browser-to-provider transfers. Nubbo only stores file metadata (names, paths, sizes) as an index.
All credentials are encrypted with AES-256-GCM before being stored in the database. The encryption key is kept as an environment variable and never stored alongside the data.
Even in the unlikely event of a database breach, your credentials remain protected by AES-256-GCM encryption. Without the encryption key, the data is unreadable.
Yes. Nubbo supports TOTP-based two-factor authentication with any authenticator app. You also get recovery codes in case you lose access to your device.
Yes. Nubbo tracks active sessions with device and IP information. You can view all sessions and remotely log out any device from your security settings.
Yes. A verification email is sent when you register. You must verify your email address before you can log in and use the platform.