🔐 Trust & Security
Your data, protected and yours alone.
When families store memories, documents, and legacy materials, trust has to be earned — not assumed. Here's exactly how IOUHome protects your data, who can access it, and what controls you have.
🔒 How Sign-In Works
IOULegacy uses passwordless sign-in through Microsoft Entra. You enter your email, Microsoft emails you a short code, and you type the code to sign in. No password to remember, no password to leak.
⏱️
Codes Expire Fast
Each sign-in code is valid for about 10 minutes. After that it stops working, even if someone finds it in your inbox later.
🚫
Single-Use
Every code works exactly once. Once you sign in with it, that code is dead. A code that has already been used cannot be replayed by anyone.
🛡
Brute-Force Blocked
Microsoft rate-limits sign-in attempts and shuts down anyone trying to guess codes. Combined with the short expiration, guessing your code is statistically impossible.
📱
Tied to Your Email
Possession of your email inbox is what proves you are you. Turn on 2-step verification with your email provider so nobody else can read codes meant for you.
🛡
Risk Detection
Microsoft watches for suspicious sign-in patterns (impossible travel, unfamiliar devices, bot behavior) and blocks or challenges them before a code is even sent.
🔒
Vault Is Separate
Sign-in gets you into your account. Your encrypted Vault has its own unlock passphrase that we never see. Even a stolen sign-in cannot unlock the Vault.
🔐 Zero-Knowledge Encryption
When you enable encryption, your data is encrypted and decrypted entirely on your device using a passphrase that only you know. The server never sees your plaintext content or your passphrase.
🔑
Client-Side Encryption
AES-256-GCM encryption runs in your browser using the Web Crypto API. Your passphrase never leaves your device.
🔀
Key Splitting
Your encryption key is split into three shares using Shamir's Secret Sharing. Any two of three shares can recover your key — no single point of failure.
🚫
We Cannot Read Your Data
Because encryption happens on your device, we have no ability to decrypt your content. Even if our servers were compromised, your encrypted data remains unreadable.
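How a 2-of-3 split like the Key Splitting described above can work, as an added example that is not IOUHome's own code. It assumes shares are computed byte by byte over GF(2^8) with x-coordinates 1, 2 and 3; the function names and share layout are illustrative.

```javascript
// Added illustration, not IOUHome code: 2-of-3 Shamir sharing, byte by byte,
// over GF(2^8). Field polynomial 0x11b and the {x, y} share shape are assumed.
// Browsers and recent Node expose globalThis.crypto; older Node needs require.
const rng = globalThis.crypto ?? require('node:crypto').webcrypto;

// Multiply in GF(2^8): shift-and-add, reducing by x^8 + x^4 + x^3 + x + 1.
function gfMul(a, b) {
  let p = 0;
  for (let i = 0; i < 8; i++) {
    if (b & 1) p ^= a;
    const carry = a & 0x80;
    a = (a << 1) & 0xff;
    if (carry) a ^= 0x1b;
    b >>= 1;
  }
  return p;
}

// Inverse via a^254, since every nonzero element satisfies a^255 = 1.
function gfInv(a) {
  if (a === 0) throw new RangeError('zero has no inverse');
  let r = 1;
  for (let i = 0; i < 254; i++) r = gfMul(r, a);
  return r;
}

// key is a Uint8Array. For each key byte s, pick a random slope m; share x
// stores f(x) = s + m*x. One share alone is a uniformly random byte string.
function split2of3(key) {
  const slopes = rng.getRandomValues(new Uint8Array(key.length));
  return [1, 2, 3].map((x) => ({ x, y: key.map((s, i) => s ^ gfMul(slopes[i], x)) }));
}

// Any two shares fix the line; evaluate it at x = 0 (Lagrange interpolation).
function combine(a, b) {
  if (a.x === b.x) throw new RangeError('need two different shares');
  const inv = gfInv(a.x ^ b.x);
  return a.y.map((ya, i) => gfMul(gfMul(ya, b.x) ^ gfMul(b.y[i], a.x), inv));
}
```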
🔒 Sealed Capsules & Tamper Protection
Legacy capsules are designed to be permanent once you seal them.
🔏
Digital Fingerprint
Every capsule gets a unique SHA-256 hash when sealed. If even one character changes, the fingerprint changes completely. Nobody — not even us — can alter your capsule without detection.
🔒
Sealed = Locked Forever
Once sealed, content, attachments, and recipients are frozen. The digital fingerprint proves nothing was changed. You can verify this at any time.
📑 Tamper-Proof Audit Trail
Every action in your vault is recorded in a tamper-proof audit log. Each entry is linked to the previous one using SHA-256 hashing — the same concept behind blockchain verification. If anyone attempted to alter or delete an entry, the chain would break and the tampering would be immediately visible.
You can verify the integrity of your entire audit chain at any time from within the app.
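A sketch of the hash chaining described above, added here as an example and not taken from IOUHome's code. The entry fields, the all-zero genesis value and the function names are assumptions.

```javascript
// Added illustration, not IOUHome code: SHA-256 hash-chained audit log.
// Entry fields (ts, actor, action) and the genesis value are assumed.
const subtle = (globalThis.crypto ?? require('node:crypto').webcrypto).subtle;
const GENESIS = '0'.repeat(64);

async function sha256Hex(text) {
  const digest = await subtle.digest('SHA-256', new TextEncoder().encode(text));
  return Array.from(new Uint8Array(digest), (b) => b.toString(16).padStart(2, '0')).join('');
}

// The hash covers the previous entry's hash plus this entry's fields, in fixed order.
function entryHash(prevHash, { ts, actor, action }) {
  return sha256Hex(JSON.stringify([prevHash, ts, actor, action]));
}

async function append(log, event) {
  const prevHash = log.length ? log[log.length - 1].hash : GENESIS;
  const hash = await entryHash(prevHash, event);
  log.push({ ...event, prevHash, hash });
  return hash; // head hash: keep a copy outside the log to detect truncation
}

// Returns { ok: true } or the index of the first entry that fails a check.
async function verify(log, expectedHead) {
  let prev = GENESIS;
  for (let i = 0; i < log.length; i++) {
    const e = log[i];
    if (e.prevHash !== prev) return { ok: false, index: i, reason: 'broken link' };
    if (e.hash !== (await entryHash(prev, e))) return { ok: false, index: i, reason: 'entry altered' };
    prev = e.hash;
  }
  if (expectedHead !== undefined && prev !== expectedHead) {
    return { ok: false, index: log.length, reason: 'head mismatch' };
  }
  return { ok: true };
}
```

A chain that is rewritten from the first entry or cut short still verifies on its own, which is why verify also accepts a head hash kept somewhere the log's writer cannot change.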
🕔 Release Rules — You Decide When
Your capsules are delivered on your terms. You set the rules, and the system follows them.
📅
Date-Based
Release on a specific date you choose — a birthday, anniversary, or any date that matters.
🕰
Inactivity
If you do not log in for a period you define, your capsules are released to your designated recipients.
👥
Multi-Party Verification
Require trusted contacts to confirm before release. No single person can trigger delivery alone.
✎
Manual
Release a capsule yourself whenever you are ready. You are always in control.
👥 Access Control & Data Isolation
Your data is stored in its own isolated partition. There is no shared database where one user's data could accidentally be visible to another. Each account is completely separate at the infrastructure level.
Only you can see your capsules, documents, and photos. Recipients see only the specific capsules you addressed to them — and only when your release rules trigger.
🛡 Infrastructure & Hosting
AES-256 at Rest (Active): All files encrypted on disk
HTTPS / TLS (Active): All connections encrypted
WAF Protection (Active): OWASP & SQL injection rules
AWS Hosting (Active): U.S.-based data centers
👁 Our Privacy Commitment
No third-party analytics. We do not collect or share browsing or usage analytics data.
No data selling. We will never sell, rent, or share your personal information with advertisers or data brokers.
No AI training on your data. Your content is never used to train AI models. AI features process your content only when you ask them to, and nothing is retained.
Minimal data collection. We collect only what is needed to run your account: your name, email, and the content you choose to store.
📦 Data Continuity
We take long-term preservation seriously. Your data is stored using cloud infrastructure designed for durability. You can export all of your data at any time in a standard format. For more details, see our Data Continuity policy.
💬 Questions?
If you have questions about how your data is protected, contact us at support@ioutoday.org or visit our Support page.
IOUHome is operated by IOUMore, LLC. Free legacy programs are provided through IOU, Inc., a registered 501(c)(3) non-profit (EIN 81-2203628).