Security
The security of your information is critical.
Here is how we keep it safe.
Your Airbnb account
Your password is not stored.
Your Airbnb account password is never stored by us. As a matter of fact, it would be useless to us, since we connect to Airbnb using their API. This is, for example, how we obtain the profile of a user. As you will notice, there is no form to enter a password.
Instead of using your password, your account is authenticated using a token that is requested to Airbnb the first time you connect your account to Hospitable.
Only this token is stored in our database in a secure fashion, not your password.
Airbnb’s API helps us secure your account.
Airbnb’s API offers a system of authentication with a disposable token. Using this method of identification helps secure your Airbnb credentials:
- It is impossible to change the account’s password with the token. We couldn’t change the password if we wanted to.
- If the password is changed by the account’s owner, all tokens generated previously are immediately rendered useless by Airbnb.
This means the account’s owner retains full control over their Airbnb account.
This results in the token as it would be stored. It is formatted as an hexadecimal string of 512 characters:
8ad6a157f4d930a12b4c4e90a5e125e0d3e02d3f180c7e61c088d95e4b04dc07
49fa68d901de7aa92bdac6242d636202ccb9e4ef2054bf85223e31e912e95dbe
3d1be946d312dfb6bc097073e7ff46347dd7c57427257405ee7c31e13d2f990f
7cb746976a7db7d19aeb38fcdc60d8f1a5a8b569d9a966769f71ca58b7d75de0
60b8b95dcc1a92f994269372fa96b701d913bbeba70b9accef4987f494cf3aa7
5361f4bf1f632ae1ec9aa32a40801f54602ff989e4cc2d65010a310a1db39f61
ec40abd80f0bf1d0d071f2b87614f38512ebc9798761d99ebe3b240c5299386c
7337bb83940190e27f9ad0b9f45813eb83937765c135297fd0b106acc9bc3d98