🔑
Password hashing
PBKDF2-SHA256, 600,000 iterations — OWASP-aligned out of the box. No plaintext, no reversible encoding, no MD5.
B2B TRUST, PRE-BUILT
Security
Your customers' proposals, pricing, plan files, and audit history live in BidGlory. We treat that responsibility the way you'd want your own vendors to.
🛡
Breach checking
Have-I-Been-Pwned Pwned-Passwords integration on every password set. Users can't pick a password from a known breach corpus.
🔒
Encrypted secrets
SMTP passwords, API keys, third-party tokens — stored under ASP.NET Data Protection, never plaintext in the database.
👤
Role-based access
Admin / Sales / Install / Portal roles, scoped permissions per area. Install crew can't see margin; portal user can't see other customers.
📜
Audit trail
Every login, every failed login, every bid edit, every proposal export — logged. Know who did what, when, from where.
🗄
Schema migrations
Idempotent SQL migrations with SHA-256 drift detection. Upgrades are safe; your data is stewarded across versions, not stranded.
↪
Portable .bgbid export
You own your data. Round-trip any bid as a portable file for backup, transfer, or offline review — no vendor lock-out.
🏠
Single-tenant deploy
Your company's data lives in your own instance. No shared database, no noisy-neighbor multi-tenant exposure. Self-host or run it managed.
✦
AI stays on your terms
Bring your own LLM endpoint — self-hosted or cloud. No customer data leaves your perimeter unless you point AI at an external provider.
RESPONSIBLE DISCLOSURE
Found something? Tell us.
We take security reports seriously. Email security@bidglory.com with steps to reproduce. We acknowledge within one business day and won't pursue legal action against good-faith research.
★ FREE 30-MINUTE DEMO
See the security model in action.
30 minutes. Free. We'll walk through the audit log, the role model, and the data-export story on your real questions.