How Much Time Do You Have?
On average, new budgeters save $600 by month two and more than $6,000 the first year! Pretty solid return on investment.
Try YNAB FREE for 34 days
Start taking control of your money
After your trial, continue for $4.17/month, billed annually at $50
No credit card required.
We like to joke around a lot, but here is where we stop and become quite serious.
The YNAB Team does not access or interact with customer data as part of normal operations. There are cases where a customer requests that YNAB access their data, or where required by law. All customer data is access-controlled, accompanied by customer approval, and carries with it documentation surrounding the reason for access and the access start and end time. Currently six engineers have access to the production database that stores customer data. A YNAB Team member’s violation of our customer data access policy will result in immediate dismissal.
Your YNAB account password is one-way salted and hashed using multiple iterations of a key derivation function for passwords. (Those sound like made up words, but these are best practices!) Even if someone were to steal the YNAB database of passwords, they would not know your password and would be forced to (very slowly!) guess every possible password in order to find it.
We prevent brute force attacks where a password is guessed multiple times in a row. We also help you choose stronger passwords by 1) requiring that passwords be eight characters or longer, and 2) specifically preventing you from using the top 2,085 most commonly used passwords. (It’s quite an interesting list, should you choose to Google it.)
Your data is encrypted at rest when stored on our servers. That means that even IF someone could break in and steal the hard drives where your data is stored, they couldn’t read it. Also, should you (sadly) choose to delete your YNAB account, all of your budget data is completely and irreversibly removed from the YNAB database. We do not simply mark your account as inactive. We completely destroy all account data. (To be clear, you explicitly request this nuclear deletion. If you happen to let your account lapse accidentally, we don’t assume you mean DESTROY ALL MY DATA. That’d be a horrible assumption.)
We retain account data for a period of time after an account expires, whether through trial expiration or subscription expiration, unless you delete your account as described above.
Once an account has become inactive beyond the period of time described below, we will delete its budget data – if you don’t need YNAB, we don’t need your account data, and you probably don’t want us to have it. (Keep in mind that if you cancel your account, it remains active until the end of your subscription. The timeline below doesn’t start until that subscription expires.)
We will delete accounts and their data:
Our entire infrastructure is built on Heroku, which leverages the Amazon Web Service (AWS) technology. This is the same technology trusted by government agencies, including my favorite, the CIA. Amazon continually manages risk and undergoes recurring assessments to comply with industry standards. Heroku’s entire security policy is here.
We partner with both Finicity and MX as providers of Direct Import financial data aggregation from institutions, and you can find specifics related to their security policies and practices on the Finicity and MX websites. YNAB does not store your bank credentials, but relies upon our partners and their industry-leading security precautions.
All data sent between your computer and YNAB is bank-grade or better encryption. We force your browser to use an encrypted connection and won’t let your computer talk to our servers unless that connection is secure.
Specifically around the traffic encryption, we use 128-bit encryption (AES_128_GCM). This provides an extremely high level of encryption, considered industry standard.
We take advantage of a new security feature in your browser called “Content Security Policy” settings. This makes certain types of attacks against YNAB impossible.
This massive technical feat resulting in a moat of fire-breathing space dragons surrounding your data is useless if someone cons you into handing them your username and password.
At YNAB, we subject our servers, source code and staff to regular 3rd-party security audits from teams that audit other large security-conscious companies such as Github, AT&T, Digital Ocean and Node.
We have also taken a page from companies like Facebook and Google, and have a private bug bounty program where we pay “good guy” hackers that find any vulnerabilities for weaknesses. We’ll be opening this program up to the public soon.
If you’d like to report a vulnerability, please send us your Bugcrowd username and a brief description of the issue to firstname.lastname@example.org. We’ll invite you into our program and have you submit the full details, proof of concept, etc, through our secure, monitored program.