diff --git a/etc/TODO.md b/etc/TODO.md
index 2af000d82e4072452faa8a1469be752489345d96..61d99a3c16729353992cf409652fb52022051f3a 100644
--- a/etc/TODO.md
+++ b/etc/TODO.md
@@ -56,3 +56,6 @@
 * add flask-resources https://pypi.org/project/flask-resources/
 * add flask-whooshalchemy3 https://pypi.org/project/flask-whooshalchemy3/ https://github.com/blakev/Flask-WhooshAlchemy3
 * add flask-filealchemy https://pypi.org/project/flask-filealchemy/
+
+### user security
+* https://github.com/PrettyPrinted/flask_auth_scotch/