# FAQ: OrbitDB
[[_TOC_]]
## What is OrbitDB?
OrbitDB is a decentralized, flexible,
extendable, CRDT based database framework.
The database is replicated across
peers and can be modified simultaneously
by these peers.
OrbitDB provides many ways for you to
modify it for your use case.
[See the Field Manual](https://github.com/orbitdb/field-manual)
## How can I setup OrbitDB?
By installing the OrbitDB and JS-IPFS
Package from npm:
```bash
$ npm i --save ipfs orbit-db
```
For further information,
read the [QUICKSTARTER Guide](./GUIDE.md)
## Can I use OrbitDB in the Browser and how?
Yes, you can.
But in order for data to be shared
between Browser and other peers,
both in the Browser and outside
of it, you have to setup IPFS
properly.
There is a great post on the
subject in the IPFS Blog: [A guide to IPFS connectivity in web browsers](https://blog.ipfs.io/2021-06-10-guide-to-ipfs-connectivity-in-browsers/).
## How does OrbitDB Access Controller work?
The content added to OrbitDB Databases
are generally not read protected.
Anyone can read them with IPFS.
[See: What data can I add to OrbitDB?](#What-data-can-I-add-to-OrbitDB)
But what can be controlled, is the data,
that a peer of the network accepts into
their local copy of the database.
This is where Access Controllers work.
Every change to the database has to pass
a test in the access controller and
if it does not pass this test, the change
is not applied to the local database.
## What data can I add to OrbitDB?
Most OrbitDB Stores only
store JSON Data.
Other types of data (images, videos, directories)
can be stored by adding them directly to IPFS
and refering to them by their CID in the
OrbitDB Stores.
**But you must be careful: OrbitDB Data is not encrypted and publicly available. You shouldn't store Personaly Identifiable Information or any other kind of private data to IPFS or OrbitDB directly!**
At least encrypted with a secure cryptographic
cipher.
## Is OrbitDB secure?
There has not yet been a lot of research
on the security of peer-to-peer systems
like OrbitDB, especially compared to
Client-Server apps (the status quo).