Security Settings

Protect your account with a strong password and two-factor authentication.

Overview

Security settings help protect your account and data. We recommend enabling two-factor authentication (2FA) for an additional layer of security beyond your password.

Changing Your Password

1
Open Account Settings
2
Go to the Security section
3
Click Change Password
4
Enter your current password
5
Enter your new password (minimum 8 characters)
6
Confirm your new password
7
Click Update Password

Strong Password Tips

Use at least 12 characters with a mix of uppercase, lowercase, numbers, and symbols. Consider using a password manager to generate and store secure passwords.

Password Requirements

Passwords must meet these requirements:

Minimum 8 characters
Cannot be entirely numeric
Cannot be too similar to your email address
Cannot be a commonly used password

Two-Factor Authentication (2FA)

Two-factor authentication adds an extra security layer. After entering your password, you'll need a code from your authenticator app to log in.

Compatible Authenticator Apps

Google Authenticator (iOS, Android)
Authy (iOS, Android, Desktop)
1Password (iOS, Android, Desktop)
Microsoft Authenticator (iOS, Android)
Any TOTP-compatible app

Enabling 2FA

1
Open Account Settings
2
Go to the Security section
3
Click Enable Two-Factor Authentication
4
Open your authenticator app and scan the QR code
5
Enter the 6-digit code from your app to verify
6
Save your backup codes in a secure location

Save Your Backup Codes

Backup codes are your only way to recover access if you lose your authenticator device. Store them somewhere safe like a password manager or printed in a secure location.

Using 2FA

When 2FA is enabled, logging in works like this:

1
Enter your email and password as usual
2
Open your authenticator app
3
Enter the 6-digit code (changes every 30 seconds)
4
Optionally check Remember this device to skip 2FA for 30 days

Note

The "Remember this device" option stores a secure cookie. You'll still need 2FA when logging in from new devices or browsers.

Backup Codes

Backup codes let you log in when you can't access your authenticator app:

You receive 10 single-use backup codes when enabling 2FA
Each code can only be used once
Generate new codes at any time (this invalidates old ones)
Store them securely - treat them like passwords

To generate new backup codes:

1
Open Account Settings
2
Go to Security
3
Click Regenerate Backup Codes
4
Save the new codes (old ones stop working immediately)

Disabling 2FA

1
Open Account Settings
2
Go to Security
3
Click Disable Two-Factor Authentication
4
Enter a code from your authenticator app to confirm
5
Click Disable

Warning

Disabling 2FA makes your account less secure. Only disable it if you need to switch authenticator apps or devices.

Lost Access to Authenticator

If you can't access your authenticator app:

1
Go to the login page and enter your email and password
2
Click Use backup code on the 2FA screen
3
Enter one of your saved backup codes
4
Once logged in, disable 2FA and set it up again with your new device

Note

If you've also lost your backup codes, contact support. We'll need to verify your identity before resetting 2FA, which may take 24-48 hours.

Active Sessions

View and manage devices where you're currently logged in:

1
Open Account Settings
2
Go to Security
3
Find the Active Sessions section
4
Review the list of devices and locations
5
Click Sign Out next to any session to end it

Tip

If you see a session you don't recognize, sign it out immediately and change your password. Consider enabling 2FA if you haven't already.

Profile Settings

Update your name and email

Preferences

Notification settings

Data & Privacy

Your data and privacy options