Encrypted credential storage

How MLS Genie™ protects your API credentials and sensitive data at rest.

How credentials are protected

All sensitive credentials stored in MLS Genie™ are encrypted at rest using libsodium — the same cryptographic library used by major financial institutions. Credentials are never stored in plaintext in your WordPress database.

The encryption key

The encryption key is derived from your WordPress security keys (defined in wp-config.php). This means the encrypted values are tied to your specific WordPress installation — they cannot be decrypted if the database is moved to a different site without the same keys.

Auto-migration

If credentials were entered before the encryption system was active, MLS Genie™ automatically encrypts them on the next load. No manual action is required.

Best practices

  • Never share your wp-config.php file — it contains the keys used to derive the encryption key.
  • Enable HSTS in your hosting security settings to prevent credentials from being intercepted in transit.
  • Rotate credentials immediately if you suspect they have been compromised.

We replaced BoomTown and three other tools the week we went live. The MLS sync alone saved us four hours a day. Our agents were in the CRM on day one — there was nothing to learn.

TR
Taylor R. Team Lead · 12-agent residential team

Turning Chaos into Clarity

Ready to replace your
entire tool stack?

Book a 30-minute live demo. We'll show you the full platform running live — leads, MLS sync, pipeline, and more. No slides, no fluff.

Book a live demo Contact us

No commitment required · Responds within one business day · $4,995 setup · Monthly subscription

This site uses cookies to ensure the best user experience possible.
Learn more about cookies. Accept