Account security at TaxDome

Table of Contents

Email verification for all accounts
Two-factor authentication (2FA) for enhanced protection
Strong password requirements
Blocked passwords
Session security
Our ongoing commitment to security
What you can do

At TaxDome, protecting your personal and financial information is our top priority. We work with accounting, tax, and bookkeeping professionals around the world—and we understand how important it is to keep client data secure.

Email verification for all accounts

TaxDome requires email verification when you sign in. After entering your password, you receive a one-time code via email to verify your identity. This extra layer of protection—along with your password—ensures that only you can access your account.

According to Microsoft, this approach blocks over 99.9% of automated account attacks, making it one of the most effective ways to protect your information—even if your password is compromised.

Two-factor authentication (2FA) for enhanced protection

For even stronger security, you can enable two-factor authentication (2FA) using an authenticator app instead of email verification. Apps like Google Authenticator or Microsoft Authenticator generate verification codes on your device, offering the strongest protection and fastest access. You can also configure SMS as a backup option. Learn how to set up 2FA .

Info

Your firm may require you to use 2FA for enhanced security.

Strong password requirements

We’ve raised our password complexity requirements to meet the latest security best practices. If your current password doesn’t meet the new standards, you’ll be prompted to reset it.

To ensure your password is secure, it should include:

12 or more characters
At least one uppercase letter
At least two numbers
At least two special characters (like !, $, %, etc.)

Weak example: Abc123 Strong example: T8r!Zk4$gN72#bl

Most browsers offer password generators, and we recommend using a trusted password manager to create a strong password. Some reliable options include:

Bitwarden Password Generator
1Password Generator
Your browser’s built-in password generator (available in most modern browsers)

Blocked passwords

As part of our security protocols, we check passwords against a database of publicly exposed credentials to ensure they haven’t been used in known data leaks. We use resources like Have I Been Pwned , a widely trusted site that tracks email addresses and passwords found in publicly available breaches from unrelated websites or services.

If your password is found on one of these lists, we block it—even if it’s still working—because reused or exposed passwords are more vulnerable to automated attacks. This helps prevent unauthorized access and ensures your account is better protected.

You can visit Have I Been Pwned at any time to check if your email address has been involved in a known data exposure.

Session security

If you’ve been prompted to reset your password recently, this is part of routine security improvements we make to protect all users and accounts. These periodic session resets help ensure that any potentially compromised credentials are invalidated.

Our ongoing commitment to security

TaxDome is SOC 2 Type II certified, which means our platform is regularly audited for security, availability, and data protection practices. In addition to email verification and strong passwords, we continue to roll out updates that include:

Session resets as part of routine security improvements
Blocking passwords found in public data sources
CAPTCHA and rate-limiting protections to prevent automated attacks
Partnership with Cloudflare for enterprise-grade network security
Regular security audits and compliance reviews

These are just a few of the ways we work behind the scenes to keep your information safe—and we’re always improving.

What you can do

Here are some steps you can take to keep your account secure:

Use a strong, unique password for your TaxDome account
Enable two-factor authentication for enhanced protection
Set up SMS backup as an alternative verification method
Avoid reusing passwords across different sites
Be cautious with email links—log in through your firm’s official TaxDome portal
Use Have I Been Pwned to check if your email has appeared in past data exposures
If something doesn’t feel right, reach out to your firm or click Contact us

Thank you for using TaxDome. We’re proud to support your accounting team and committed to keeping your information secure every step of the way.