Security

Authenticated app access is protected by server-side credential checks and HTTP-only session cookies.

Private calculator and report pages are kept behind login and should not be exposed to public indexing.

The system should be operated with limited access, secure environment variables, and appropriate deployment controls.

Users must keep passwords confidential, use trusted devices, and report suspected unauthorized access promptly.

Security concerns can be sent to kreeshivconsultancy@gmail.com.