Using youProof securely

Written by: Franz Josef Drexler

September 20, 2024

An image of a person using a smartphone surrounded by icons of a lock, shield, and cloud, symbolizing security and data protection.

youProof is designed to keep everything secure by default. However, it is still just a tool. Here are some best practices to keep your youProof profile as secure as possible:

Device Access

Access to your youProof profile is controlled by your device’s lock screen. This means that anyone who can unlock your phone (via biometrics, PIN code, or other authentication methods) can access your youProof app. Ensure that only you are able to unlock your phone.

Device Integrity

youProof is only as secure as the device the app runs on. If the operating system is compromised, your youProof profile is at risk. Always use youProof on your own devices. Avoid jailbreaking or rooting your device, as this significantly weakens the otherwise strong security of your mobile device.

Backup

Part of our security model is that only you can control your youProof profile. We cannot recover your profile if it is lost. To prevent losing your profile, create a backup by connecting your youProof profile to a second device you own (e.g., another phone, an iPad, or a Mac).

To do this:

  1. Tap “Login on another device” in your youProof app.
  2. Scan the QR code displayed with the youProof app on your other device by tapping “Import” when first opening the app.

Note: Printing the login QR code is an option, but we don’t recommend it if another device is available. Never take a screenshot of this QR code, and do not store it in your photo library, as it is not secure enough.

Control Who Sees What

youProof allows you to control who sees which parts of your profile by choosing between sharing “Everything” and “Links and Posts only”. We recommend using the “Links and Posts only” mode for social media and only sharing everything with people you personally know (or have met in person).

Sharing Information

Lastly, use your common sense to decide what to share and where to share it. Currently, you cannot make a profile link invalid. If someone has your profile link, they can share it with others. Only share information that you are comfortable with potentially becoming public knowledge. Our security systems are strong, but we cannot prevent people from sharing links.

Finally, don’t forget to download and try out youProof—it’s free and doesn’t even require an email address.