In Salesforce, there are two techniques to keep your community more secure:
1. Authenticate Community Users
2. Encrypt Community Data
In Salesforce, there are several ways to authenticate users in your community.By default, Salesforce provides external users authentication.
Using External users authentication, Salesforce authenticates a user by its username and password that has been assigned him by Salesforce for the community.
Note:External users are users with Community, Customer Portal, or partner portal licenses.)
To authenticate internal users of your organization, you can use Salesforce's username and password.
Encryption data means to apply some Security techniques on your community Data that encrypt your files, attachments and other important data.
Keep the following things in mind:
1. Community Data can be encrypted but portals data can't.
2. In Salesforce Classic Encryption technique, data in encrypted custom fields is still masked.
3. Salesforce provides a specific setting for personally identifiable information in community about data whether it is encrypted or not.
4. In Salesforce, Data encryption doesn't change anything about the community user experience.
For example, when the Account Name field is not encrypted, a user belonging to the Acme account with the Customer User profile would have a role called Acme Customer User.
When Account Name is encrypted, the role is displayed as something like 001D000000IRt53 Customer User.