Security

Last updated July 8, 2026

How we protect content and what you should know.

Transport and storage

All traffic is served over HTTPS. Passwords for protected pastes are hashed with Argon2 and never stored in plaintext. API keys are stored only as hashes.

Secret scanning

Before a public paste is published, we scan it for keys, tokens, and credentials and warn you so you can redact them.

Abuse prevention

We rate-limit anonymous activity, auto-flag suspicious content, and run a moderation queue. Report anything harmful with the Report button on any paste.

Reporting a vulnerability

Found a security issue? Please email security@pastevio.com. We appreciate responsible disclosure.