Browser sessions are protected using TLS versions 1.0 through 1.2 for maximum browser compatibility. ECDHE cipher suites are supported to provide Perfect Forward Secrecy (when supported by the browser). There are limits imposed on login attempts per user, per IP, and per session. If per-user limit is reached, then IP whitelists are imposed. Saved passwords and associated data are protected using AES-256 with salt and MAC. Beyond that, the security of the product ultimately relies on choosing a strong password, verifying your certificate, and restricting physical access to your PC.