SSL technology is used to encrypt your communication with the BitBargain website. Custom one-way hashing is used to store account passwords in the database.
BitBargain was created with security in mind, especially to withstand XSS, CSRF, SQLi, DoS attacks and various exploits.
A separate account is used for BitBargain funds on the Bitcoin server. The Bitcoin daemon runs on a remote server, connection between the web server and the payment server is SSL secured. There are regular backups of the database and the Bitcoin/Litecoin wallets, to servers located in different countries. Buyers are advised to withdraw coins as soon as possible after purchase, sellers are advised to only store about as much coin in the system as they are hoping to sell in a short time.
A file is generated every day with cryptographic proof of coins under our control and anonymous user balances. The sellers have access to this. You can ask a seller on IRC to check if your account hash and balance are included in this list. The hash is hash (username-lowercase nonce). Your nonce can be located at https://bitbargain.co.uk/user.