Security
Manage your own sign‑in security and your organization's access policy.
Your account
- Change password — enter your current password, then the new password (min length enforced) and confirm.
- Two‑factor authentication (2FA) — enable it, scan the QR in an authenticator app, and confirm with the 6‑digit code. Strongly recommended for every admin.
- Change email — set a new email address for your account (confirm with your password).
Organization access policy
Admins can set org‑wide controls:
- Password policy — minimum length and strength (breached‑password checks).
- Session timeout and account lockout after failed logins.
tip
Turn on 2FA for every admin account — combined with a sensible lockout policy it's the single biggest reduction in account‑takeover risk. Lost an authenticator? An admin can reset a user's 2FA from Admin → Users.