Help Center

Docs

Security Settings

Your sign-in methods, two-factor authentication, active sessions, and recent account activity

What You Can Do on Settings > Security

The personal command center for your account safety.

Settings > Securityis where you manage everything about signing in to your own account — your password and sign-in providers, two-factor authentication (authenticator apps, passkeys, backup codes), every device currently signed in, and a 30-day history of sign-ins and security events. It is personal: no admin role is required to manage your own security, and admins do not see anyone else's details from this page.

Four dedicated articles cover each area
Rather than cramming everything into one long article, each area has its own reference. Start with the Overview for a tour of every section, then jump to the specific article for the feature you want to use.

Where to Read About Each Section

Direct links to the dedicated article for each piece.

  • Security Settings Overview— A tour of the whole Security page, including the step-up reauth model and role-based access.
  • Two-Factor Authentication— Enroll authenticator apps (TOTP), register passkeys (Face ID, Touch ID, Windows Hello, YubiKey), and generate backup codes.
  • Active Sessions— See every device signed in to your account, revoke ones you do not recognize, sign out every other session, and report suspicious sign-ins.
  • Sign-In Methods— Link or unlink Google and Microsoft, set an initial password on OAuth-only accounts, and change your password.

Quick Answers

For common one-shot questions.

  • Where do I change my password? Settings > Security → Password card → Change password. Full steps: Sign-In Methods.
  • How do I add 2FA? Settings > Security → Authenticator app (TOTP) card → Add authenticator. Full steps: Two-Factor Authentication.
  • How do I sign out other devices? Settings > Security → Active sessions → Sign out other sessions. Full steps: Active Sessions.
  • I signed up with Google. How do I add a password? Settings > Security → Password card → Add password. Full steps: Setting a Password on an OAuth-Only Account.
  • I saw a sign-in I did not make. Settings > Security → Recent activity → This wasn't me on the relevant row. Full steps: Reporting a Suspicious Sign-In.
Enroll at least two MFA factors
A single factor is a single point of failure. A common setup is one authenticator on your phone, one passkey on each laptop you use, and a sheet of backup codes in your password manager.

Related Articles

Security Settings OverviewTwo-Factor AuthenticationActive SessionsSign-In MethodsProfile Settings
Previous
Profile Settings
Next
Notification Settings