Moment is a cloud-based service. All data is stored on our servers and you can log in from any computer, mobile phone or tablet from anywhere in the world. This offers you great flexibility and freedom. You can submit your hours on the subway on the way home from work. You can retrieve an updated time overview on your laptop whilst in a client meeting, and you can even give a new co-worker access to Moment while you are on holiday.
For us, a cloud-based service means strict security requirements. Therefore, all communication between you and our servers are encrypted. This means that even if someone were able to intercept the data, they will not be able to understand the content. We will automatically forward you to our encrypted connection if you are trying to use a non-encrypted connection. An encrypted connection is shown by https:// in the browser, as shown in the picture below. There are many varieties of encrypted connections, and we continuously monitor the encryption we are using, and ensure that we are maintaining the highest possible degree of security. You can check an external security service for tests and rating, for example Qualsys SSL Labs.
We believe that any password by itself is not sufficient, regardless of how difficult it is to remember or how many characters is included. All of our users are therefore required to use a two-factor authentication. This simply means that after you have entered the password, you also need to enter a code which we send to your phone. Don't worry, you only have to go through this login process the first time you log in to a new computer, mobile phone or tablet. You are then logged in as long as you want, even between restarts. No password or extra codes are required the next time you want to use Moment.