Firefly III should be run on a TLS enabled host (
https://) even when running locally. Please remember that this is open source software under active development, and it is in no way guaranteed to be safe or secure.
- By default, Firefy III only supports one user registration. You can disable this in the administration.
- You should use disk- and database encryption whenever possible.
- Firefly III supports 2 factor authentication, check your preferences.
If you find something that compromises the security of Firefly III, you should send me a message as soon as possible. These issues will be fixed immediately.