> ## Documentation Index
> Fetch the complete documentation index at: https://userguide.tesacloud.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Security Settings

> Manage authentication options and account security

# Security Settings

Protect your account with additional security options including biometric sign-in, passkeys, and two-factor authentication.

## Accessing Security Settings

1. Click **Settings** in the navigation menu
2. Click **Security Settings** in the settings menu

## Sign-in Options

### Biometric Sign-In (Mobile Only)

Use Face ID, Touch ID, or fingerprint to sign in quickly on mobile devices.

<Steps>
  <Step title="Enable Biometric Sign-In">
    Toggle the switch next to your biometric type (Face ID, Touch ID, or Fingerprint)
  </Step>

  <Step title="Authenticate">
    Verify your identity using your device's biometric sensor
  </Step>

  <Step title="Confirmation">
    You'll see a confirmation message when enabled
  </Step>
</Steps>

<Note>
  Biometric sign-in is only available on iOS and Android devices with biometric hardware.
</Note>

### Passkey Sign-In

Passkeys provide passwordless sign-in using your device's secure authentication.

<Steps>
  <Step title="Add Passkey">
    Click **Add** in the Passkey section
  </Step>

  <Step title="Register Device">
    Follow your device's prompts to register a passkey
  </Step>

  <Step title="Use Passkey">
    On the login page, click **Sign in with Passkey**
  </Step>
</Steps>

**Managing Passkeys:**

* View all registered passkeys with device names and last used dates
* Delete passkeys you no longer need by clicking the delete icon

### Two-Factor Authentication (2FA)

Add an extra layer of security by requiring a code from your authenticator app.

<Steps>
  <Step title="Set Up 2FA">
    Click **Set up** in the Authenticator App section
  </Step>

  <Step title="Scan QR Code">
    Open your authenticator app (Google Authenticator, Authy, etc.) and scan the QR code
  </Step>

  <Step title="Enter Code">
    Enter the 6-digit code from your authenticator app to verify
  </Step>

  <Step title="Save Recovery Codes">
    **Important:** Save the 8 recovery codes displayed. You'll need these if you lose access to your authenticator app.
  </Step>
</Steps>

<Warning>
  Store your recovery codes in a safe place. Each code can only be used once, and you'll need them if you lose your phone or authenticator app.
</Warning>

## Signing In with 2FA

When 2FA is enabled:

1. Enter your email and password as usual
2. A dialog will ask for your 6-digit authenticator code
3. Enter the current code from your authenticator app
4. Click **Verify** to complete sign-in

## Recovery Options

If you lose access to your authenticator app:

<Steps>
  <Step title="Click Recovery Link">
    On the 2FA dialog, click **Lost your authenticator? Use a recovery code**
  </Step>

  <Step title="Enter Recovery Code">
    Enter one of your 8-character recovery codes
  </Step>

  <Step title="Access Restored">
    Your 2FA will be disabled and you can sign in normally. Re-enable 2FA in Security Settings to get new recovery codes.
  </Step>
</Steps>

## Disabling 2FA

1. Go to **Settings > Security Settings**
2. Click **Disable** next to Authenticator App
3. Confirm the action

<Note>
  Disabling 2FA will remove the extra security layer. Consider keeping it enabled for better account protection.
</Note>

## Best Practices

* **Enable multiple sign-in methods** - Use biometrics or passkeys for convenience, plus 2FA for security
* **Save recovery codes offline** - Print them or store in a password manager
* **Don't share codes** - Never share your authenticator codes or recovery codes
* **Update when changing devices** - Set up new passkeys when you get a new device
