diff --git a/server/server.go b/server/server.go
index 0122c825..ed8afc05 100644
--- a/server/server.go
+++ b/server/server.go
@@ -35,39 +35,51 @@ import (
 )
 
 /*
-	TODO
-		races:
-		- v.user --> see publishSyncEventAsync() test
+TODO
+--
 
-		payments:
-		- reconciliation
+UAT results (round 1):
+- Security: Account re-creation leads to terrible behavior. Use user ID instead of user name for (a) visitor map, (b) messages.user column, (c) Stripe checkout session
+- Account: Changing password should confirm the old password (Thorben)
+- Signup: Re-add password confirmation (Thorben & deadcade)
+- Reservation: Kill existing subscribers when topic is reserved (deadcade)
+- Reservation (UI): Show "This topic is reserved" error message when trying to reserve a reserved topic (Thorben)
+- Reservation (UI): Ask for confirmation when removing reservation (deadcade)
 
-		delete messages + reserved topics on ResetTier delete attachments in access.go
-		account deletion should delete messages and reservations and attachments
+races:
+- v.user --> see publishSyncEventAsync() test
 
-		Limits & rate limiting:
-			rate limiting weirdness. wth is going on?
-			bandwidth limit must be in tier
-			users without tier: should the stats be persisted? are they meaningful? -> test that the visitor is based on the IP address!
-			login/account endpoints
-			when ResetStats() is run, reset messagesLimiter (and others)?
-			Delete visitor when tier is changed to refresh rate limiters
+payments:
+- reconciliation
 
-		Make sure account endpoints make sense for admins
+delete messages + reserved topics on ResetTier delete attachments in access.go
+account deletion should delete messages and reservations and attachments
 
-		UI:
-		- reservation icons
-		- reservation table delete button: dialog "keep or delete messages?"
-		- flicker of upgrade banner
-		- JS constants
-		Sync:
-			- sync problems with "deleteAfter=0" and "displayName="
+Limits & rate limiting:
+	rate limiting weirdness. wth is going on?
+	bandwidth limit must be in tier
+	users without tier: should the stats be persisted? are they meaningful? -> test that the visitor is based on the IP address!
+	login/account endpoints
+	when ResetStats() is run, reset messagesLimiter (and others)?
+	Delete visitor when tier is changed to refresh rate limiters
 
-		Tests:
-		- Payment endpoints (make mocks)
-		- Message rate limiting and reset tests
-		- Bandwidth limit test
-		- test that the visitor is based on the IP address when a user has no tier
+Make sure account endpoints make sense for admins
+
+
+UI:
+-
+- reservation icons
+- reservation table delete button: dialog "keep or delete messages?"
+- flicker of upgrade banner
+- JS constants
+Sync:
+	- sync problems with "deleteAfter=0" and "displayName="
+
+Tests:
+- Payment endpoints (make mocks)
+- Message rate limiting and reset tests
+- Bandwidth limit test
+- test that the visitor is based on the IP address when a user has no tier
 */
 
 // Server is the main server, providing the UI and API for ntfy
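Review bot: The `Security:` entry in the new `UAT results (round 1)` list says only that account re-creation "leads to terrible behavior", which tells a maintainer neither what the exposure is nor when it can be considered closed. Judging from the three places it names, the concern appears to be that state keyed by user name would be inherited by a new account that reuses a deleted name; if that is the case, state it directly, e.g. `- Security: state keyed by user name outlives account deletion and is picked up by a re-created account with the same name; key the visitor map, messages.user and the Stripe checkout session by user ID`. The `Tests:` list would then benefit from a matching entry such as `- delete account, re-create with same name: no messages, reservations or billing state carried over`. As a minor style point, the empty `-` bullet under `UI:` and the bare `--` under `TODO` look like leftovers and can be dropped.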