Security Settings
Two-Factor Authentication
Add an extra layer of security to your account using an authenticator app like Google Authenticator, Authy, or 1Password.
{#if setupStep === 'idle'} {#if totpEnabled}Step 1: Scan QR Code
Scan this QR code with your authenticator app:
Can't scan? Enter manually
{totpUri.split('secret=')[1]?.split('&')[0] || ''}
Step 2: Verify Setup
Enter the 6-digit code from your authenticator app:
Step 3: Save Backup Codes
Save these backup codes in a secure location. Each code can only be used once. If you lose access to your authenticator app, you'll need these to sign in.
{code}
{/each}
Passkeys
Passkeys are a secure, passwordless way to sign in using biometrics (fingerprint or face), a security key, or your device's screen lock.
{#if passkeysLoading}Password
Manage your account password. If you have passkeys set up, you can optionally remove your password for a fully passwordless experience.
{#if passwordLoading}Remove Password
This will make your account passkey-only. You'll only be able to sign in using your registered passkeys. If you lose access to all your passkeys, you can recover your account using your notification channel.
- Make sure you have at least one reliable passkey registered
- Consider registering passkeys on multiple devices
- Ensure your recovery notification channel is up to date
Add at least one passkey before you can remove your password.
{/if} {:else}You sign in using passkeys only. If you ever lose access to your passkeys, you can recover your account using the "Lost passkey?" link on the login page.
{/if}Trusted Devices
Manage devices that can skip two-factor authentication when signing in. Trust is granted for 30 days and automatically extends when you use the device.
Manage Trusted Devices →