I've found myself in situation as well.
Does anyone have advice on how to deal with the fear of handling users/user data for a product that you think people would love?<p>Is it incorporation for liability protection?<p>Terms of service docs that state nothing is hack proof?<p>Getting the right liability insurance?<p>In depth penetration tests prior to launching and continuously thereafter?<p>Continuously monitoring for suspicious activity on a server to detect hacks?
I found myself in a similar situation with a budgeting app I wrote. Initially I was planning to make it public but the idea of dealing with people's financial data and paying for all the infrastructure caused me to change my mind.<p>Instead I've been exploring a strange idea of using sqlite client side. People would save their data to a sqlite file that gets downloaded, then when they come back, drag the file back onto the browser to pick up where they left off. A little awkward, but 100% client side, side skirting most of the problems.<p>(I realize hardly anyone would bother to use this app. But making it public with sqlite is really just an experiment. I host the app on a raspberry pi inside our home network and we use it that way.)