Security
We take security very seriously and have implemented many safeguards:
- SSL/encrypted only connections for web browser access, API access and to all third party services.
- All database servers on a private network behind public load balancers.
- Minimum password restrictions, passwords always encrypted on servers.
- Email validation checks on all users.
- Each workspace has its own isolated database schema, making it impossible for one account to access another’s data.
- SQL injection prevention in code.
- Monitoring
Reporting a security flaw
Feel free to report any security issues found on todo.vu via email to hello@todo.vu
Your input and feedback on security is always appreciated. We take securing our customer data extremely seriously and it’s a top priority for us.
Compensation
We do not provide any monetary compensation at the time. If the reported security flaw is confirmed by our developers, your name will be listed on this page.
Security Hall of Fame
The following researchers have taken the time to identify and report security concerns with todo.vu. Their work is truly appreciated.