Docs
Security Settings

Security Settings

Manage your password, two-factor authentication, and account security options.

Security settings help protect your Plotwise account from unauthorized access. This guide covers password management, two-factor authentication, and other security features.

Accessing Security Settings

  1. Click your avatar (top right)
  2. Select "Account settings"
  3. Click "Security" tab
Account security settings page

Password Management

Password Requirements

  • Minimum 8 characters
  • Maximum 72 characters
  • Mix of letters, numbers, special characters (recommended)

Changing Your Password

  1. Go to Security settings
  2. Enter current password
  3. Enter new password
  4. Confirm new password
  5. Click "Update Password"

Password Reset

If you forgot your password:

  1. Go to sign-in page
  2. Click "Forgot password"
  3. Enter your email
  4. Check email for reset link
  5. Click link and set new password

Two-Factor Authentication (2FA)

Two-factor authentication adds an extra layer of security by requiring a code from your phone in addition to your password.

Enabling 2FA

  1. Go to Security settings
  2. Find "Two-Factor Authentication" section
  3. Click "Enable 2FA"
  4. Scan QR code with authenticator app
  5. Enter the 6-digit code shown in your app
  6. Save your backup codes securely

Supported Authenticator Apps

  • Google Authenticator
  • Authy
  • 1Password
  • Microsoft Authenticator
  • Any TOTP-compatible app

Backup Codes

When enabling 2FA, you receive backup codes:

  • 10 single-use codes
  • Use if you lose access to authenticator
  • Store securely (password manager, printed)
  • Generate new codes if needed

Signing In with 2FA

  1. Enter email and password
  2. When prompted, open authenticator app
  3. Enter 6-digit code
  4. Code refreshes every 30 seconds

Disabling 2FA

  1. Go to Security settings
  2. Click "Disable 2FA"
  3. Enter your password to confirm
  4. 2FA removed

Connected Accounts

If you signed up with OAuth (Google/Microsoft):

Viewing Connected Accounts

Security settings shows:

  • Which OAuth providers are linked
  • When they were connected

Disconnecting OAuth

  1. Find connected account
  2. Click "Disconnect"
  3. Confirm action

Session Management

Active Sessions

View where you're signed in:

  • Current session
  • Other devices/browsers
  • Last activity time

Sign Out Other Sessions

  1. Go to Security settings
  2. Find "Active Sessions"
  3. Click "Sign out all other sessions"
  4. Confirm action

Use this if:

  • You suspect unauthorized access
  • You used a shared/public computer
  • You want to reset all sessions

Security Best Practices

Strong Passwords

  • Use 12+ characters
  • Mix upper/lower case, numbers, symbols
  • Avoid personal information
  • Use unique password for Plotwise

Enable 2FA

  • Strongly recommended for all accounts
  • Protects even if password is compromised
  • Small inconvenience for major security gain

Review Sessions Regularly

  • Check active sessions monthly
  • Sign out unused sessions
  • Investigate unknown sessions

Keep Recovery Options Updated

  • Email address current
  • Phone number accurate
  • Backup codes stored safely

Troubleshooting

Related Documentation

Profile SettingsNotification Settings