Crypto Maniac Security Policy

Offline Funds Storage.

Offline Funds Storage We store the majority of our customer's funds in a secure offline wallet, with only a portion available in a 'hot' wallet for instant withdrawals. This method vastly improves security at a minor expense of large withdrawals requiring manual processing.

DDoS Protection

We utilize a leading DDoS provider for all public facing content and cache all static content on a CDN to provide the fastest possible load times.

Best Practices

Our website traffic runs entirely over encrypted SSL (https) using Extended Validation (green bar) certificates. Wallets (and private keys) are stored using AES-256 encryption.


We use firewalls to only allow authorized access to specific ports

Secure Website

All interaction with the website is required over HTTPS so all communication is encrypted via SSL.

Two-Factor Authentication

Customers can set up two-factor authentication for accounts with Google Authenticator to provide an extra layer of security.


We use SQL injection filters and verify the authenticity of POST, PUT, and DELETE requests to prevent CSRF attacks. All requests pass through a security layer to prevent DDoS and other security threats.


We hash passwords stored in the database (encrypted). We check for strong passwords on account creation and password reset.