← All Articles

Feature Highlight: Security

Khash SajadiKhash Sajadi
Mar 17th 21Updated Jan 7th 22


Security! Every company says it's their highest priority, until you realize what they mean by that: stupid password policies.

At Cloud 66 we think security is more than a mix of uppercase and lowercase characters in a password. Here is a quick run down of Cloud 66 security features:


Two Factor Authentication

Cloud 66 supports two factor authentication with 2FA apps like Google Authenticator, FIDO security keys like Yubikey and SMS messages.

You can also use more than one second factor authentication method with your accounts to ensure continued access.

2FA Enforcement

You can enforce 2FA support for all your team members, ensuring there are no weak links in the chain.

Personal Token Restrictions

While Personal API Tokens can be a conveniet way to test your API clients, they can also be a security weak point. These can be disabled across your account for all team members with access to your API endpoints.

Toolbelt Login Restrictions

You can use the Cloud 66 Toolbelt (CX) to sign into your account with ease (use cx login) While this feature makes logging in very quick and easy, it can be disabled across all of your accounts if you run the Toolbelt in an environment you don't fully trust.

Fine-Grained ACL

All team members in your team can have fine-grained Access Control Lists through Roles and Permissions. You can grant and deny each of them aribitrarily different levels of access to specific parts of your accounts and operations.

Service Accounts

To avoid password sharing and losing access when members leave your team, you can use a Service Account for your API and command line access. Running this kind of shared access through a headless, standalone account allows for better control and security.

sudo Mode

When performing potentially dangerous operations, the system will ask you for your second factor authentication to enter a "sudo mode".

Audit Records

All actions of all team members and Cloud 66 support staff are recorded in Audit Records and are accessible to view and search by the account owner.

Anomaly and Account Takeover Detection

All user activity is monitored for abnormal behaviour and signs of account takeover. Users are notified and might be presented with more login challenges in such cases.

More info:

Try Cloud 66 for Free, No credit card required