Passwords are hashed using Bcrypt. Resetting a password can be done using a Password Reset Link. These links have a 24h expiry date.
Password policies are coming soon.
Usernames and emails are not encrypted. This would prevent us from sending you emails or displaying your username in the application.
All connections to Kantree are made via a secure connection using SSL. See a report here: https://www.ssllabs.com/ssltest/analyze.html?d=kantree.io&latest (A+ grade)