Security Notice
Last updated: 6/23/2026
Information on how we secure the ModVoice platform and handle vulnerability disclosures.
Our Commitment to Security
ModVoice is built with security as a foundational principle. We utilize industry-standard practices, including End-to-End Encryption (E2EE) for personal communications, strict HTTPS enforcement, and secure, stateless authentication tokens.
Vulnerability Disclosure Program
We welcome reports from security researchers and experts who believe they have found a vulnerability in ModVoice. If you discover a security issue, please responsibly disclose it to us immediately.
Do not publicly disclose the vulnerability until we have had a reasonable timeframe to investigate and patch the issue.Do not exploit the vulnerability beyond what is strictly necessary to prove its existence (e.g., do not attempt to access other users' data, disrupt services, or perform destructive actions).
Please send all security-related reports to: support@modvc.org
Account Security
While we take extensive measures to secure our infrastructure, account security is a shared responsibility. We strongly recommend that users:
- Use strong, unique passwords for their ModVoice accounts.
- Enable Two-Factor Authentication (2FA) if utilizing third-party OAuth providers (Google, GitHub, Microsoft).
- Safeguard their local E2EE Vault Keys. ModVoice cannot recover lost E2EE keys.
- Never share their account credentials or session tokens with anyone.