Account Security & Two-Factor Authentication
Protecting your CredFolio account is essential since it contains sensitive professional credentials. This article explains how to secure your account with two-factor authentication (2FA), manage passwords, and control active sessions.
In this article:
Two-Factor Authentication (2FA)
Two-factor authentication adds an extra layer of security by requiring a code from your authenticator app in addition to your password.
Setting Up 2FA
Go to Settings → Security
Toggle the Two-Factor Authentication (2FA) switch to enable
Scan the QR code with an authenticator app (Google Authenticator, Authy, Microsoft Authenticator, etc.)
Enter the 6-digit code to verify
Tip: You can connect up to 3 authenticator apps for backup access. After enabling 2FA, click "Add Another" to set up additional authenticators.
Disabling 2FA
To disable 2FA, go to Settings → Security and toggle the 2FA switch off. You'll need to enter a code from your authenticator app to confirm.
Password Management
Changing Your Password
If you have a password set up (not social login only):
Go to Settings → Security
Click "Change Password"
Enter your current password
Enter and confirm your new password
Click "Update Password"
Setting Up Password Login (Social Users)
If you signed up with Google or another social account, you can add password login as an alternative sign-in method:
Go to Settings → Security
Click "Set Up Password Login"
Check your email for a setup link
Create your password
Session Management
CredFolio lets you view and manage all devices where you're logged in.
Viewing Active Sessions
Go to Settings → Security to see a list of your active sessions, including:
Device type and browser
Location (approximate)
Last activity time
Current session indicator
Logging Out of All Devices
If you suspect unauthorized access or lost a device:
Go to Settings → Security
Click "Log Out of All Devices"
Confirm the action
This immediately ends all sessions except your current one.
Auto Logout
For security, sessions automatically end after 30 minutes of inactivity. A warning appears 2 minutes before logout so you can extend your session.
Connected Accounts
You can link multiple social accounts for easier sign-in:
Google
Apple
Facebook
LinkedIn
Microsoft
Linking a New Account
Go to Settings → Security
Scroll to Connected Accounts
Click the provider you want to connect
Authorize the connection
Unlinking an Account
To unlink a connected account, click "Unlink" next to the provider. You must keep at least one sign-in method active.
Note: Unlinking an account removes the sign-in connection but does not delete your CredFolio data. To delete your data, visit your Privacy Settings.
Frequently Asked Questions
What if I lose my phone with my authenticator app?
If you lose access to your authenticator app, contact support at [email protected] for account recovery assistance. If you have a backup authenticator set up (up to 3 allowed), you can use that instead.
Can I use SMS for 2FA?
Currently, CredFolio supports authenticator app-based 2FA (TOTP) only. SMS-based 2FA is not available due to security concerns with SMS interception.
How do I know if someone else accessed my account?
Check your active sessions in Settings → Security. If you see unfamiliar devices or locations, immediately log out of all devices and change your password.
Why did my session expire?
Sessions expire after 30 minutes of inactivity for security. This protects your account if you forget to log out on a shared or public computer.
Need More Help?
Click the chat icon in the bottom-right corner to contact our support team.