FAQ update

src/pages/about.html

@@ -6,7 +6,7 @@ <h2 id="about">Who's this?</h2>
 
     <p>And that's it. We're not in it to dominate the market, conquer the competition, or disrupt anything. This is a simple product, and we intend to keep it simple. We have no illusions of grandeur, and we're structured to be lean, profitable, and sustainable. We're not beholden to any investors, and we're here for the long haul.</p>
 
-    <p>If you have any questions, or if we can do anything to help you with your web app, please <a href="mailto:daniel@encrypted.dev">get in touch</a>.</p>
+    <p>If you have any questions, or if we can do anything to help you with your web app, please <a href="mailto:daniel@userbase.com">get in touch</a>.</p>
     <p>Thank you!</p>
 
     <p>— <a href="https://twitter.com/dvassallo" target="_blank" rel="noopener noreferrer">Daniel Vassallo</a> (founder & owner)</p>

src/pages/docs_faq.html

@@ -1,40 +1,38 @@
 <div class="section">
   <h2><a href="/docs/">Docs</a> : FAQ</h2>
 
-  <h3 id="faq-1">What data gets end-to-end encrypted?</h3>
-  <p>All the data stored using the <a href="/docs/sdk/insert-item">insertItem</a>, <a href="/docs/sdk/update-item">updateItem</a>, <a href="/docs/sdk/delete-item">deleteItem</a>, or <a href="/docs/sdk/build-transaction">buildTransaction</a> APIs is end-to-end encrypted, using keys that never leave the users' devices. Both the stored item and the item ID are end-to-end encrypted.</p>
-  <p>Other user data and metadata, such as usernames, the timestamp when users signed up, and logs about user activity, are encrypted on the wire and at rest, but are not end-to-end encrypted.</p>
+  <h3 id="faq-1">What data does Userbase end-to-end encrypt?</h3>
+  <p>All the data stored using the <a href="/docs/sdk/insert-item">insertItem</a>, <a href="/docs/sdk/update-item">updateItem</a>, <a href="/docs/sdk/delete-item">deleteItem</a>, or <a href="/docs/sdk/build-transaction">buildTransaction</a> APIs is end-to-end encrypted. Both the stored item and the item ID are end-to-end encrypted. Other user data and metadata, such as usernames, timestamps, and user activity logs, are encrypted on the wire and at rest, but are not end-to-end encrypted.</p>
 
-  <h3 id="faq-2">How does Userbase help with GDPR compliance?</h3>
-  <p>Userbase will help you implement the necessary GDPR controls, avoid personal data misuse, and give your users control over their data. More specific information about GDPR will be available soon.</p>
+  <h3 id="faq-1">Where is the user's encryption key stored?</h3>
+  <p>The user's encryption key gets generated when the user creates an account, and this key gets encrypted itself with another key derived from the user's password. The encrypted key gets stored on the Userbase server, and the user retrieves it back after every successful login. The Userbase server never sees the user's password.</p>
 
-  <h3 id="faq-3">What happens when users login from a new device or browser?</h3>
-  <p>When a user creates a new account, a key gets automatically generated in the user's browser. The user will need this key to encrypt and decrypt data, as well as to login to the account. When the key gets created, it gets saved in the browser's local storage.</p>
-  <p>When a user tries to login from a new device or browser, the user can automatically have the new device receive the key by logging in from the original device and accepting the key transfer request. If that's not possible, the user can also input the key directly while logging in.</p>
-
-  <h3 id="faq-4">What happens if a user loses the key?</h3>
-  <p>Users should always keep a backup copy of their key in a safe place, such as a password manager. If a user loses access to all devices that were used to access the account, the backup key will be necessary to recover the account. The key is required to log into the user account and to decrypt user data.</p>
-
-  <h3 id="faq-5">How can users find their key?</h3>
-  <p>The key is a simple string that is available from the Userbase SDK. Your web app should inform users to make a backup of their key when they sign up, and should provide a way to display the key when a user is logged in.</p>
-
-  <h3 id="faq-6">What happens when users forget their password?</h3>
-  <p>The key and the password are unrelated, so unlike keys, passwords can be reset if forgotten. If you let users specify an email address when they sign up, users will be able to reset their passwords on their own, through a typical password reset workflow via email. If you choose to not collect emails, then you can reset a user's password manually from the Admin panel.</p>
+  <h3 id="faq-4">What happens if a user forgets the password?</h3>
+  <p>Users should always keep a backup copy of their password in a safe place, such as a password manager. Since the encryption key needs to be decrypted by the user's password, it is not possible to recover an account if the password gets lost.</p>
 
   <h3 id="faq-7">What can I see about my users?</h3>
-  <p>You will be able to see the list of usernames, the time the accounts were created, and any other information you collect during signup, such as users' email, full name, address, etc.</p>
+  <p>You can see the list of usernames, the time the user accounts were created, and any other information you collect during user sign up, such as users' email, name, address, etc.</p>
 
   <h3 id="faq-8">What can I do with my users?</h3>
-  <p>From the Admin panel, you will be able to see all your users, reset user passwords, suspend user accounts, and permanently close user accounts.</p>
+  <p>From the Admin panel you can see all your users, suspend user accounts, and permanently close user accounts.</p>
+
+  <h3 id="faq-8">How can I close my Userbase Admin account?</h3>
+  <p>You can close your Userbase Admin account from the Admin panel. Once you close your Userbase Admin account, all your apps will stop working. If you closed your account in error, please <a href="mailto:support@userbase.com">get in touch</a> to check if we can still recover it.</p>
+
+  <h3 id="faq-8">What happens if I exceed the 1&nbsp;GB storage limit?</h3>
+  <p>At the moment, Userbase is not metering data storage, and nothing will happen if you exceed it. In the future, Userbase will have other pricing plans that allow higher storage volumes. If you happen to be exceeding the limit when these new pricing plans become available, we will ask you to upgrade to the new plans.</p>
 
   <h3 id="faq-9">How can I require users to pay to access my web app?</h3>
-  <p>Userbase will have an API (coming soon) to let you update user attributes from a server-side endpoint or a cloud function. This will allow you to update a user's payment status in Userbase. Then, your web app can retrieve this information and control its functionality according to the user's payment status.</p>
+  <p>At the moment, you will have to handle payments yourself and hide the web app from non-paying users. In the future, we will support payments directly from the Userbase SDK as part of a new pricing plan.</p>
+
+  <h3 id="faq-2">How does Userbase help me with GDPR compliance?</h3>
+  <p>Userbase helps you implement the necessary GDPR controls, avoid personal data misuse, and give your users control over their data. If you need assistance with GDPR compliance, please <a href="mailto:support@userbase.com">get in touch</a>.</p>
 
   <h3 id="faq-10">How durable is the data stored in Userbase?</h3>
   <p>Userbase only acknowledges data modification requests after the data has been successfully persisted to <a href="https://aws.amazon.com/dynamodb/">Amazon DynamoDB</a>. This is a highly-durable service that synchronously replicates data to at least 3 hosts in isolated geographical zones before acknowledging a write operation. Userbase has continuous backups enabled on all its DynamoDB tables with a 35 day recovery window.</p>
 
   <h3 id="faq-11">What services does Userbase depend on?</h3>
-  <p>Userbase runs entirely in <a href="https://aws.amazon.com/">Amazon Web Services</a>, in the us-east-1 region. The availability of the Userbase service depends on <a href="https://aws.amazon.com/ec2/">Amazon EC2</a>, <a href="https://aws.amazon.com/s3/">Amazon S3</a>, and <a href="https://aws.amazon.com/dynamodb/">Amazon DynamoDB</a>.</p>
+  <p>Userbase runs entirely on <a href="https://aws.amazon.com/">Amazon Web Services</a>, in the us-east-1 region. The availability of the Userbase service depends on <a href="https://aws.amazon.com/ec2/">Amazon EC2</a>, <a href="https://aws.amazon.com/s3/">Amazon S3</a>, and <a href="https://aws.amazon.com/dynamodb/">Amazon DynamoDB</a>.</p>
 
 </div>
 

src/pages/docs_getting-started.html

@@ -10,7 +10,7 @@ <h3>Install the SDK</h3>
 
   <pre>
     <code class="language-markup"><!--
-    <script type="text/javascript" src="https://sdk.userbase.com/userbase-latest.js"></script>
+    <script type="text/javascript" src="https://sdk.userbase.com/1/userbase.js"></script>
     --></code>
   </pre>
 

src/style.css

@@ -48,6 +48,10 @@ strong {
   @apply font-semibold;
 }
 
+h2>a {
+  @apply font-black;
+}
+
 h1 {
   @apply text-center text-2xl font-extrabold leading-tight tracking-tight;
 }