Character Vault
Any Concept / Any System
Your System Come To Life
Roll20 for Android
Streamlined for your Tablet
Roll20 for iPad
Streamlined for your Tablet

Personal tools


From Roll20 Wiki

Revision as of 12:51, 21 April 2014 by Riley D. (Talk | contribs)

Jump to: navigation, search

Roll20 employs industry-best 256-bit SSL encryption to help protect your data and your privacy. We also have security measures in place to keep others out of your campaign data unless you specifically invite them in, encrypt our backups, and more. Our goal is to provide you with the peace of mind to know that your games are safe while in our hands.

Reporting Vulnerabilities

That said, we're not perfect, and we know there will be bugs and things we haven't thought of. If you've found an exploit or vulnerability in Roll20, please report it to us as soon as possible at We would appreciate a 7-day (or longer) period to deal with any issues before they are revealed publicly, should you choose to do so. In addition, while we can't offer cash bounties for reports, we have been known to give free Mentor accounts to folks who report vulnerabilities to us in a responsible manner.

Heartbleed Vulnerability

We've received several emails about this, so we thought we would post an official response here. When the "Heartbleed" OpenSSL vulnerability was disclosed, we immediately checked our servers and did not find any that were running a vulnerable version of OpenSSL. We went ahead and upgraded everything to the latest patched version just to be safe, but at this time it is not necessary to change your password, and at no time was Roll20 vulnerable to this attack.