# Good security practices

## Accounts and Users

### Use secure passwords

We check to ensure that passwords meet certain requirements, but you should ensure you're not re-using passwords from other websites.

We can't guarantee every single Saturn installation is 100% secure, so protect yourself and use a unique password.

## Code and Plugins

### Plugins

**Only download plugins from the Saturn Marketplace.**

We scan all plugins on the Marketplace to check for malicious code, whilst we can't guarantee every plugin is 100% secure, we try our best to keep any bad code out.

**Don't load plugins from unknown sources or authors.**

These plugins could contain malicious code, intended to hack your Saturn installation. Plugins can contain PHP and Javascript code which can send database requests, API calls, and more.

### JavaScript Console

**Only use the console if you know what you're doing.**

Don't paste code from the internet, or if someone tells you to. This may be a form of attack called a Self-XSS attack. For more information please visit <https://en.wikipedia.org/wiki/Self-XSS>