Account Security & Two-Factor Authentication
Change your password, enable two-factor authentication, and review your active sessions to keep your TrustPager account secure.
Your TrustPager account often has access to sensitive client data, payment integrations, and your team's communications. The Security page is where you tighten access control on your personal account. Head to https://app.trustpager.com/account/security to manage it.
Changing your password
On https://app.trustpager.com/account/security, click Change Password. You'll need to enter your current password, then your new one twice. Passwords must be at least 8 characters and include a mix of letters and numbers.
Once changed, you'll stay signed in on this device but other devices will be signed out automatically.
Two-factor authentication (2FA)
2FA adds a second verification step when you sign in — typically a 6-digit code from your phone. Even if your password leaks, an attacker can't get in without your second factor. We strongly recommend turning it on, especially if you're an admin.
Setting it up
- Click Enable Two-Factor Authentication on https://app.trustpager.com/account/security.
- Scan the QR code with an authenticator app — Google Authenticator, 1Password, Authy, or any TOTP-compatible app.
- Enter the 6-digit code from your app to confirm setup.
- Save the recovery codes shown — store them somewhere safe (a password manager is ideal). You'll need them if you lose access to your authenticator.
From your next sign-in onward, you'll be prompted for a 6-digit code after entering your password.
Disabling 2FA
If you ever need to turn it off, click Disable Two-Factor Authentication and confirm with your current 2FA code. We'll send you an email confirming the change as a safeguard.
Lost your authenticator?
Use one of the recovery codes you saved during setup — each code is single-use. Sign in with the code, then immediately reset 2FA from https://app.trustpager.com/account/security with your new device.
If you've lost both your authenticator and your recovery codes, contact a workspace admin — they can ask the TrustPager team to verify your identity and reset 2FA on your account.
Active sessions
The sessions list shows every device currently signed in to your account, with the device type, location (approximate, based on IP), and last active time. Sign out of any session you don't recognise immediately by clicking Sign out next to it — and consider rotating your password too.
If something looks wrong
If you see a sign-in you didn't make, an unexpected password change email, or any activity that doesn't look like you, take these three steps in order:
- Sign out of all other sessions from https://app.trustpager.com/account/security.
- Change your password.
- Enable 2FA if it isn't already on.
Then let your workspace admin know so they can review API keys, OAuth grants, and any unusual workspace activity at https://app.trustpager.com/admin/reporting.
Tip: If your role gives you admin or owner access to a workspace handling client payments or signed agreements, treat 2FA as mandatory — the cost of a compromised admin account is much higher than the friction of typing a 6-digit code at sign-in.