Security Update - June 2020

Update to user password standards

Security is a top priority for us here at LOKE. We are PCI compliant and constantly monitor our product for security requirements. It is standard procedure for us to update our security measures and these changes are nothing to be concerned about. 

You may have seen the following messages in one of our apps:

Current users - "Password update required, please click here to update"
New users - "Password not accepted, please choose another"

or you may have reports of customers being logged out of their app and asked to create a new password.

LOKE has not had a security breach, but we have identified attempts to access some apps using passwords that have been compromised elsewhere.  

Basically, it means that the email/password combination entered has been breached (an incident where data has been unintentionally exposed to the public) via another service in the past, and our security has picked up that the combination is on a compromised passwords list.

We don’t want your credentials to be compromised on any of our apps, so we ask that you enter a new password. 

You can look up your email address via the service we use HIBP https://haveibeenpwned.com/ to see where it was previously compromised. 

The best way to protect yourself from these breaches is to use a strong, unique password every time you create a new account. 

For more information about compromised lists please visit https://haveibeenpwned.com/FAQs

Other recent updates to our security:

• IP Localisation Lookup - To ensure you are in the country the app is being used
• HIBP API - To ensure the credentials entered haven’t been previously compromised

Please contact support if you have any questions or require further information - support@loke.global