At Meebo, we recognize that security is important to our users and partners. This page explains some of the steps we take to keep you secure.
If you are accessing Meebo hosted IM through the Meebo Bar, login happens automatically using a token provided by the partner site. This token is encrypted by our JavaScript code before being sent to Meebo, so that only Meebo can decrypt it. If you share content using the Meebo Bar, login happens in a separate window hosted by Google, Twitter, or Yahoo! In all cases Meebo never has access to your password.
If you use the Meebo Bar on an https web site, then all information that you transmit through Meebo is encrypted. Otherwise, all information other than your passwords (your buddy list, conversations, shared content, etc.) is not encrypted, so if someone were to intercept your transmission they could see the information that is being transmitted to and from your computer. This risk is greater when using unencrypted Wi-Fi or a public network. It is not currently possible for you as a user to configure whether this information is encrypted—this is something that is controlled by the site owner where you use the Meebo Bar.
If you create a Meebo account, we store a "hash" of the password for the account on our servers. We do not store the password itself.
If you believe you have discovered a Meebo security issue, please contact us immediately. Please include a detailed summary of the issue, including the name of the product (e.g. Meebo Bar) and the nature of the issue you discovered. Be sure to include an email address where we can reach you in case we need more information.
While we strive to make the Meebo experience easy and simple for users, the technology underlying our services can be complex and take time to update. When properly notified of legitimate issues, we'll do our best to acknowledge your report, assign resources to investigate the issue, and fix potential problems as quickly as possible.
If you have any suggestions or questions, please let us know.