Security Settings
Settings โ Security controls authentication security for your workspace โ two-factor authentication (2FA) and session policies.
Two-Factor Authentication (2FA)โ
Setting Up 2FA for Yourselfโ
- Go to Settings โ Security or your Profile page.
- Click Set Up Two-Factor Authentication.
- Scan the QR code with an authenticator app (e.g. Google Authenticator, Authy, 1Password).
- Enter the 6-digit code from your authenticator to confirm.
- Save the recovery codes in a secure place.
- 2FA is now active on your account.
From this point on, every login requires:
- Email and password
- A 6-digit TOTP code from your authenticator app
Disabling 2FAโ
- Go to Settings โ Security.
- Click Disable Two-Factor Authentication.
- Enter your current password to confirm.
Enforcing 2FA for All Users (Admin)โ
Workspace admins can require all team members to use 2FA:
- Go to Settings โ Security.
- Toggle Require 2FA for All Users.
- Save.
Team members who have not set up 2FA will be prompted to do so on their next login before accessing the workspace.
Session Settingsโ
| Setting | Description |
|---|---|
| Session Lifetime | How long a user stays logged in after inactivity (in minutes). Default: 120 minutes. |
Password Policyโ
| Setting | Description |
|---|---|
| Minimum Password Length | Minimum characters for user passwords (default: 8) |
Recovery Codesโ
When 2FA is enabled, you receive 8 recovery codes. Each code can be used once instead of a TOTP code if you lose access to your authenticator app. Store them in a secure location (password manager, printed and stored safely).
To regenerate recovery codes, go to Settings โ Security โ Regenerate Recovery Codes (requires password confirmation).
If You Are Locked Outโ
If you have lost access to both your authenticator app AND your recovery codes, contact your workspace admin. Admins can disable 2FA on a user's account from the Team settings page.
If the super admin is locked out, contact the platform owner who has SSH/database access.