Security
The Security page lets you change your account password and, on Enterprise plans, configure the list of IP addresses authorized to access the platform.
How to access
- Menu: user icon at the top right → Security
- Address:
/account/security - Who can use it: Administrator and User
Interface
The page contains one or two stacked cards.
Card — Change password
Always visible. Contains three fields:
| Field | Notes |
|---|---|
| Current password | The password used to sign in. |
| New password | Minimum 12 characters. A strength bar visually indicates the robustness of the new password as you type. |
| Confirm new password | Must match the new password exactly. |
Update password button at the bottom right of the card.
Card — IP allowlist Administrator
Visible only on Enterprise plans. If the current plan does not include the feature, this card is hidden.
Contains:
- Header with status — shows whether the allowlist is active (
Active) or in log-only mode (Log only). - Current IP — the IP address detected for the active session, useful to verify which address to add.
- Mode selector — two radio options:
- Log only — connections from unlisted IPs are logged but not blocked.
- Enforce — connections from unlisted IPs are blocked.
- CIDR rules area — multi-line text field for entering one IP address or CIDR block per line (e.g.
203.0.113.0/24). Lines with invalid format are highlighted in red. - Lockout warning — if the entered rules would exclude the current IP, an orange warning appears and saving is disabled until the issue is resolved.
- Save button — enabled only when there are no invalid rules and no lockout risk.
Operations
Change the password
- Enter the Current password in the first field.
- Enter the New password (minimum 12 characters). Check that the strength bar shows a sufficient level.
- Repeat the new password in the Confirm new password field.
- Click Update password.
- A green confirmation toast appears at the bottom right if the operation succeeded.
Configure the IP allowlist Administrator
note
This section is available on Enterprise plans only.
- In the IP allowlist card, choose the mode:
- Log only to monitor without blocking.
- Enforce to block access from unauthorized IPs.
- In the text area, enter the authorized IP addresses or CIDR blocks, one per line.
- Single IP example:
203.0.113.42 - Block example:
203.0.113.0/24
- Single IP example:
- Make sure the current IP of your session is included in the rules, or add
0.0.0.0/0to avoid locking yourself out while configuring. - If the orange lockout warning appears, correct the rules before saving.
- Click Save.
States and messages
| Message / state | Cause |
|---|---|
| Error "Passwords do not match" | The confirm field differs from the new password. |
| Error "Password too short" | The new password has fewer than 12 characters. |
| Error "Incorrect current password" | The current password entered is wrong. |
| Confirmation toast (password change) | The password was updated successfully. |
| Lockout warning (orange) | The IP rules entered would block the current session; saving is disabled. |
| Red CIDR lines | The IP address or CIDR block format is invalid. |
Notes and limits
- The new password must be at least 12 characters long.
- The IP allowlist is an Enterprise-only feature; it is not visible on other plans.
- In Enforce mode, an IP not on the list will be unable to access the platform: always ensure your office or VPN IP is included before enabling enforcement.
- Only Administrators can edit IP rules; regular Users see only the change-password card.