---
title: Security
sidebar: Handbook
showTitle: true
---

It is critical that everyone in the PostHog team follows these guidelines. We take people not following these rules very seriously - it can put the entire company and all of our users at risk if you do not.

## Password Managers

You **must** make use of a password manager; it simply isn't possible to use appropriate passwords securely without one.

PostHog uses [1password](https://1password.com/) for storing all passwords.

## Password Strength

Please use strong passwords for everything. Use the 1password password generator that comes with the app in all cases. Do not repeat passwords across different sites. 

## Dual Factor Authentication

You should enable dual factor authentication for any account where the option is available, especially those which are core to your work.