Skip to content

Account & Security

This page covers how you sign up, sign in, secure your account with two-factor authentication, and manage your password and session.

Signing up

To create an account you provide:

Verify your email before signing in

After registering, you must verify your email address before you can sign in. Open the verification link sent to your inbox. If it does not arrive, you can resend it (there is a short cooldown of about 30 seconds between resends).

When you register, the platform automatically sets up a Personal Organization for you — see Users, Groups and Permissions.

Signing in

Sign in with your email or username and your password. If you have enabled two-factor authentication, you are then prompted for a second factor.

Password requirements

Your password must:

  • Be at least 8 characters long, and
  • Include at least 3 of these 4 character types: lowercase letter, uppercase letter, number, special character.

Compromised passwords are rejected

Passwords that appear in known data breaches are rejected, even if they meet the rules above. Choose something unique.

Forgot your password?

From the sign-in screen, use Forgot your password? to start a recovery:

  1. Enter your email — you receive a 6-digit code.
  2. Enter the code and set a new password.

You can resend the code after a short cooldown (about 60 seconds).

Two-factor authentication (2FA)

Two-factor authentication adds a second step at sign-in. The platform supports two factors, managed from your account settings:

  • Authenticator app (TOTP) — a time-based code from an app such as Google Authenticator or 1Password.
  • Recovery codes — single-use backup codes for when you do not have your authenticator app.

Set up recovery codes first

You must enable recovery codes before you can enable the authenticator app. While the authenticator app is active, recovery codes cannot be disabled. This ensures you always have a way back into your account if you lose your device.

Recovery codes

  • Each code can be used only once, in place of an authenticator code.
  • You can download your codes and store them somewhere safe.
  • You can regenerate the set at any time (which invalidates the old codes).

Sessions

Your session expires after a period of inactivity. Shortly before it expires (around 15 minutes ahead), the platform prompts you to re-enter your password to extend the session without losing your work. Some sensitive account changes may also ask you to re-authenticate.

Account settings

From your account settings you can review your profile and manage your security:

  • Email, Name and Surname are shown for reference and are not editable here.
  • You can change your password and manage two-factor authentication.