Security & Password Management
Change your password, review security tips, and manage your account security settings including two-factor authentication toggle.
Accessing Security Settings
Click Settings (gear icon) in the sidebar → Personal settings → Security tab. This page contains password management, 2FA toggle, and security tips. For profile-related settings, see Profile & Theme Settings.
Changing Your Password
To update your password:
- Enter your Current Password
- Enter your New Password (minimum 6 characters)
- Enter Confirm New Password — must match the new password
- Click "Save Password"
Password Requirements
- Minimum 6 characters
- New password and confirmation must match
- Current password must be correct
Two-Factor Authentication Toggle
The Security page includes a toggle switch for 2FA:
- Off → On: Redirects you to the 2FA setup flow (see Two-Factor Authentication guide)
- On → Off: Asks for your password to confirm disabling
Grant Support Access
In the Organization Settings → Security → Permissions section, you'll find a toggle to grant the Bugalou team permission to access your account for support.
When this is enabled:
- The Bugalou support team can temporarily access your workspace to diagnose issues, review settings, and help troubleshoot problems
- This is useful when you contact support and they need to see your exact configuration to assist you
- Support team members can view your conversations, settings, and integrations — but cannot modify anything without your explicit request
When this is disabled (default):
- The Bugalou team has no access to your account data
- Support can only assist based on the information you provide in your support tickets
You can toggle this setting on and off at any time. We recommend enabling it only when you need direct support, and disabling it afterwards for maximum privacy.
Security Tips
The Security page includes an informational box with best practices:
- Use a strong, unique password — don't reuse passwords from other services
- Enable 2FA — adds an extra layer of security
- Don't share your credentials — never share your password or 2FA codes
- Log out on shared devices — always log out when using public or shared computers
- Keep your email secure — your email is the recovery method for your account. If you suspect unauthorized access, contact our support team immediately