Security Model

How Baalvion protects your account through authentication, sessions, and access boundaries.

Authentication

All accounts authenticate through the single login flow at trade.baalvion.com/login, described in Logging In & Role-Based Routing. Your role and permissions are attached to your authenticated session and enforced on every request.

Sessions

Sessions remain active based on your organization’s configured security policy. Extended inactivity or signing in from a new device may require re-authentication. Signing out ends your session immediately on that device.

Account Protection

  • Use a strong, unique password — see Resetting Your Password.
  • Don’t share login credentials between team members — use separate accounts per person instead.
  • Report suspicious activity on your account immediately.
Never share your credentials
Baalvion staff will never ask for your password. If you receive a request for your credentials, treat it as a phishing attempt and report it to support.

Reporting a Security Concern

If you believe your account has been compromised or you’ve found a security issue, contact security@baalvion.com directly rather than filing a general support request.