NoteWave
NoteWave Logo
Help Center
Home
Updated Feb 1, 2026|5 min read

Account Security

Learn about authentication methods and security features.

Introduction

NoteWave takes security seriously. This guide explains how we protect your account, the authentication methods we support, and best practices for keeping your data safe.

Authentication Methods

NoteWave supports multiple secure sign-in options:

Google OAuth

Sign in with your Google account. This is the most secure and convenient option, leveraging Google's authentication infrastructure.

GitHub OAuth

Sign in with your GitHub account. Ideal for developers who prefer GitHub authentication.

Email & Password

Traditional email and password authentication with secure password hashing and email verification.

Recommended: OAuth Sign-In
We recommend using Google or GitHub OAuth for the strongest security. These providers offer built-in two-factor authentication and security monitoring.

Two-Factor Authentication (2FA)

NoteWave does not currently offer native two-factor authentication. However, you can enable 2FA through your OAuth provider:

For Google OAuth users:

  1. Go to your Google Account settings (myaccount.google.com)
  2. Navigate to Security
  3. Enable 2-Step Verification
  4. NoteWave will inherit this security when you sign in with Google

GitHub users can enable 2FA in their GitHub security settings, and it will apply to NoteWave logins as well.

Infrastructure Security

NoteWave is built on industry-leading security infrastructure:

Supabase Database

Your data is stored in Supabase, a SOC 2 Type 2 certified platform with enterprise-grade security.

Row-Level Security (RLS)

Database access is protected with RLS policies, ensuring users can only access their own data.

End-to-End Encryption

All data in transit is encrypted with TLS/SSL. Data at rest is encrypted using AES-256.

GDPR Compliance

NoteWave is GDPR compliant. We never share your data with third parties without consent.

Password Best Practices

If you use email/password authentication, follow these guidelines:

  • Use a unique password that you don't use on other websites
  • Create a strong password with at least 12 characters, including uppercase, lowercase, numbers, and symbols
  • Consider using a password manager like 1Password, Bitwarden, or LastPass
  • Never share your password with anyone
  • Update your password periodically (every 6-12 months)

To change your password, go to Settings → Account → Change Password.

Active Sessions

NoteWave keeps you signed in for convenience. To sign out:

  • Click your profile icon in the top-right corner
  • Select Sign Out
  • You'll be redirected to the login page

Always sign out when using a shared or public computer to prevent unauthorized access.

Data Privacy

Your privacy is our priority:

  • NoteWave never sells or shares your data with third parties for marketing
  • Transcription data is processed securely and not used to train AI models
  • You can export or delete all your data at any time
  • We comply with GDPR, CCPA, and other privacy regulations

For full details, read our Privacy Policy and Terms of Service.

Reporting Security Issues

If you discover a security vulnerability or have concerns about your account security:

  • Email us immediately at contact@notewave.co.za
  • Do not publicly disclose the issue until we've had time to address it
  • We take all security reports seriously and will respond within 24 hours

Was this article helpful?

Your feedback helps us improve our documentation.