Siegel Financial Siegel FinancialWealth, made clear Back to dashboard
Security

Report a security concern.

If you believe you found a vulnerability, please send enough detail for the issue to be reproduced and fixed quickly. Reports are reviewed with priority because user trust matters here.

Last updated: July 3, 2026

How to report

Email hello@siegelfinancial.org with the subject Security Report. If you can, include:

Please do not include passwords, API keys, Social Security numbers, full account numbers, or another person's private data in a report.

Safe testing rules

Good-faith reports are welcome. To keep users protected, please stay within these limits:

There is not a paid bug bounty program at this time, so no reward is promised for reports.

Current protections

Encrypted trafficThe site is served over HTTPS, with browser security headers configured through Firebase Hosting.
Private user recordsFirestore rules are designed so signed-in users can access only their own plan document.
Managed loginFirebase Authentication handles account login, password reset, and session management.
Abuse protectionFirebase App Check with reCAPTCHA helps limit automated abuse of backend services from unsupported origins.
Credential boundariesThe app is designed for balances and planning inputs, not bank credentials, tax IDs, or full account numbers.

For users

Use a strong, unique password. Sign out on shared devices. Do not enter bank passwords, brokerage passwords, Social Security numbers, tax IDs, full account numbers, or payment card numbers.