Organisation settings & security

Settings is where an organisation owner or admin manages the organisation itself and the security controls that apply to everyone. Most people never need this page; the ones who set the organisation up do. This guide covers the general profile, two-factor authentication, how members sign in, and the irreversible actions.

General

The general settings hold the organisation’s name, which an owner or admin can edit. These details identify your organisation across the product.

Manage: Settings

Multi-factor authentication

Each member sets up two-factor authentication (2FA) for their own account using an authenticator app (TOTP). Once enrolled, they can mark a browser as trusted to skip the challenge for 30 days, and forget all trusted devices if they need to.

Owners and admins can enforce two-factor authentication for the whole organisation with a single toggle — Enforce two-factor authentication — which requires every member to set up 2FA before they can keep using the organisation. If a member is locked out, an admin can reset their 2FA from the Members page.

Signing in

Members can sign in with an email and password, or with a Google or Microsoft account (“Continue with Google” / “Continue with Microsoft”). Using a Google or Microsoft account means one fewer password to manage, and pairs with enforced 2FA for stronger account security.

Danger zone

The danger zone holds actions that can’t be undone — most notably deleting the organisation. Deleting an organisation removes its data permanently, so the action asks you to confirm. Treat this section with care; it exists for winding an organisation down, not for everyday administration.