Account Security, 2FA, Session Management and Login Audit
Protect your account with TOTP-based 2FA, hardware security keys (WebAuthn/FIDO2), session timeouts and a complete login audit log. SSO is available on Enterprise.
Two-factor authentication (2FA)
Strongly recommended for all accounts. Required for Owner and Admin roles on Standard and above.
- TOTP (Google Authenticator, Authy, 1Password, etc.)
- Hardware security key (YubiKey, Titan, any WebAuthn/FIDO2)
- 10 backup recovery codes generated on enrolment
- Workspace-wide enforcement available: once enabled, all members must enable 2FA
Single Sign-On (SSO)
Enterprise plan supports SAML 2.0 SSO with any major IdP. Once enabled, SSO can be enforced for all workspace members.
- Okta, Azure AD, Google Workspace, JumpCloud, OneLogin
- Just-in-time (JIT) user provisioning
- Group-to-role mapping
- SCIM 2.0 for automatic deprovisioning
Session management
View and revoke active sessions across devices. Session timeouts are configurable per workspace.
- Settings > Security > Active Sessions lists device, IP and last activity
- Revoke any session immediately (kills the token within 30 seconds)
- Default timeout: 30 days idle, configurable down to 1 hour
- Force re-auth after password or 2FA change
Audit log and alerts
Every security-relevant event is logged and exportable. Suspicious activity triggers an automatic email.
- Login attempts (success + failure) with IP and user agent
- Password and 2FA changes
- Role and permission changes
- Alerts: new device, new country, failed-attempt spike
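The three alert types listed above can be reproduced over an exported audit log, for example in a SIEM pipeline. The sketch below is an added example, not the product's own code. The record field names, the `country` field (assumed to be resolved from the IP beforehand), the use of the user agent as the device, and the spike threshold and window are all assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed tuning values; the page does not state the product's thresholds.
SPIKE_FAILURES = 5
SPIKE_WINDOW = timedelta(minutes=10)

# Constructed sample export. Field names are hypothetical, not the product's schema.
EVENTS = [
    {"ts": "2024-05-01T08:00:00", "user": "alice", "ok": True,
     "ip": "198.51.100.7", "country": "DE", "ua": "Firefox/125 (Linux)"},
    *[{"ts": f"2024-05-01T09:0{m}:00", "user": "bob", "ok": False,
       "ip": "203.0.113.9", "country": "US", "ua": "curl/8.5"} for m in range(5)],
    {"ts": "2024-05-02T03:10:00", "user": "alice", "ok": True,
     "ip": "203.0.113.44", "country": "BR", "ua": "Chrome/124 (Windows)"},
]

def detect(events):
    """Return (timestamp, user, alert) tuples in time order."""
    devices = defaultdict(set)      # user -> user agents seen on successful logins
    countries = defaultdict(set)    # user -> countries seen on successful logins
    failures = defaultdict(deque)   # user -> failure times inside the window
    alerts = []
    for e in sorted(events, key=lambda e: e["ts"]):
        ts, user = datetime.fromisoformat(e["ts"]), e["user"]
        if not e["ok"]:
            q = failures[user]
            q.append(ts)
            while ts - q[0] > SPIKE_WINDOW:   # drop failures older than the window
                q.popleft()
            if len(q) >= SPIKE_FAILURES:
                alerts.append((e["ts"], user, "failed-attempt spike"))
                q.clear()                     # require a fresh burst before re-alerting
            continue
        # Only successful logins build the baseline; a user's first login sets it silently.
        for kind, value, known in (("new device", e["ua"], devices[user]),
                                   ("new country", e["country"], countries[user])):
            if known and value not in known:
                alerts.append((e["ts"], user, kind))
            known.add(value)
    return alerts

if __name__ == "__main__":
    for alert in detect(EVENTS):
        print(*alert)
```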
1. Morning Review: Scan overnight alerts on one dashboard screen.
2. Assign Alerts: Share account security, 2FA, session management and login audit tasks with owners and due dates.
3. Explore Trends: Use weekly filters to spot drops or quick wins.
4. Automate: Schedule PDF, Slack or email triggers.
