Skip to main content

Security

Manage your own sign‑in security and your organization's access policy.

Your account

  • Change password — enter your current password, then the new password (min length enforced) and confirm.
  • Two‑factor authentication (2FA) — enable it, scan the QR in an authenticator app, and confirm with the 6‑digit code. Strongly recommended for every admin.
  • Change email — set a new email address for your account (confirm with your password).

Organization access policy

Admins can set org‑wide controls:

  • Password policy — minimum length and strength (breached‑password checks).
  • Session timeout and account lockout after failed logins.
tip

Turn on 2FA for every admin account — combined with a sensible lockout policy it's the single biggest reduction in account‑takeover risk. Lost an authenticator? An admin can reset a user's 2FA from Admin → Users.