Help Center

Docs

Sign-In Methods

Email and password, Google, and Microsoft — link additional providers or set a password for OAuth-only accounts

Overview

How you get into your account in the first place.

The Sign-in methodssection on Settings > Security lists every way your account can be signed into. A method is either a password or a linked identity provider (Google or Microsoft). You can have any combination of them, and the page lets you add, remove, or change each one.

Your account always keeps at least one method
The page blocks you from unlinking or removing your only sign-in method. Without this guardrail, losing a single account could lock you out permanently.

The Three Methods

What each one looks like on the card.

Password

Shown as Password with a lock icon. Status is Active if a password is set for your account, or Not set if you only sign in through a provider. The action button on the Password card says Change password when one is set, and Add password when it is not.

Google

Sign in with your Google account. The row shows either the linked Google email or "Not connected". If linked, a checkmark is shown and an Unlink button is offered.

Microsoft

Sign in with your Microsoft or Azure AD account. Same row pattern as Google — email shown when linked, Unlink button offered, Link Microsoft button when not connected.

1

Click Link Google or Link Microsoft

The button is on the right side of the provider row, active only when that provider is not already linked.
2

Complete the provider sign-in

You are redirected to Google or Microsoft to authorize the link. Sign in as the account you want to use.
3

Return to Settings > Security

You are redirected back. The provider row now shows the linked email and a green checkmark.
Why link more than one?
A linked provider is both a convenience (one-click sign-in) and a backup. If you ever forget your password or lose access to the other provider, the remaining method still lets you in.
1

Click Unlink

The Unlink button is on the right of the linked provider row. If this would leave you with zero sign-in methods, the button is disabled and a tooltip explains why.
2

Re-verify with step-up reauth

Removing a sign-in method weakens your account, so the app asks you to verify it is really you first. Use your password, authenticator, or passkey.
3

Confirm in the dialog

The dialog reminds you that you will no longer be able to sign in through that provider. Confirm to proceed.
4

Provider is removed

The row flips back to "Not connected" and the Link button is active again.
The zero-methods guardrail
If unlinking would leave you with no way to sign in, the Unlink button is disabled and the tooltip says "This is your only sign-in method. Add a password or another provider before unlinking." Add a password or link the other provider first, then unlink.

Setting a Password on an OAuth-Only Account

If you signed up through Google or Microsoft and never set a password, you can add one.

OAuth-only accounts are fully functional — you do not needa password. But adding one gives you an extra sign-in method, useful if a provider has an outage or your Google / Microsoft account changes. The action is on the Password card at the top of the Sign-in & verification section.

1

Click Add password

The Add password button is only shown when no password is set on your account.
2

Verify your identity first

Because adding a password creates a new way to reach your account, the app asks you to step-up reauth with your existing factors (authenticator, passkey, or provider re-sign-in).
3

Enter the new password

The new password must meet the same policy rules that apply at signup — length, character variety, and rejection of leaked or obvious passwords.
4

Save

Once saved, the Password card status flips to Active and the Add password button becomes Change password.

Changing Your Password

Rotate your password when you suspect it is compromised or just as routine hygiene.

1

Click Change password

The button is on the right of the Password card.
2

Re-verify with step-up reauth

The app asks you to prove it is you. Use your current password, an authenticator, or a passkey.
3

Enter the new password

Same policy rules as signup. The form rejects weak, reused, or known-leaked passwords.
4

Save and optionally sign out other devices

After a successful change, consider running Sign out other sessions from the Active sessions card so any device that had the old password is kicked off.
Password policy
The new-password form applies the same validation as the signup page: a minimum length, a mix of character types, and rejection of passwords that appear in known-breach datasets. If the form rejects a password, try one that is longer or more unusual rather than tweaking capitalization.

Common Error Messages

What the warnings on this card actually mean.

  • "This is your only sign-in method" — The zero-methods guardrail. Add a password or link another provider before unlinking.
  • "Failed to start link flow" — The provider redirect could not be constructed. Try again; if it persists, check for browser extensions blocking cross-site requests.
  • "Failed to unlink identity" — The backend rejected the unlink, usually because the request ran after the zero-methods count would have been violated (race condition). Reload the page and try again.

Related Articles

Security Settings OverviewTwo-Factor AuthenticationActive Sessions
Previous
Active Sessions
Next
Notification Settings