Security Settings
Your account security is a top priority. The Security Settings page provides tools and information to help you protect your ML Clever account and data.
Here, you can manage your password, set up Multi-Factor Authentication (MFA) for an extra layer of protection, and review recent account activity.
Accessing Security Settings
You can access your personal security settings from the main settings menu:
Navigate to Settings
Click on the Settings or your profile icon.
Select Security
Within the Settings menu, find and click on the "Security" or "Account Security" section.
Key Security Features
Password Management
Keeping your password secure is essential. ML Clever utilizes Auth0 for secure authentication, which includes robust password management features.
Changing Your Password
To change your password, you'll typically need to use the password reset flow provided by our authentication system (Auth0). Look for a "Forgot Password?" or "Reset Password" link on the ML Clever login page.
Click the "Change Password" button or link within the Security Settings page (if available) which will guide you through the secure password change process.
You may be required to verify your identity via email before setting a new password.
Multi-Factor Authentication (MFA)
MFA (also known as Two-Factor Authentication or 2FA) adds a critical layer of security to your account. When enabled, logging in requires both your password and a second verification step, usually from your mobile device. We strongly recommend enabling MFA.
Enabling MFA
Look for the MFA section within Security Settings. Click "Enable MFA" or "Set up Authenticator App". You will typically be guided through steps to scan a QR code with an authenticator app (like Google Authenticator, Authy, etc.) on your phone and enter a verification code.
Managing MFA Devices
Once enabled, this section may allow you to view your registered MFA devices, add backup methods (if supported, e.g., backup codes, SMS), or disable MFA (which may require verification).
Backup Codes
If backup codes are offered during setup, save them in a secure place. These codes allow you to access your account if you lose access to your primary MFA device.
Note: MFA setup and management might involve interacting with prompts from our authentication provider, Auth0.
Account Activity & Sessions
Reviewing your recent account activity helps you spot any unauthorized access attempts. This section may provide details about recent logins and currently active sessions.
Recent Login History
Check the list of recent login events, which may include the date, time, approximate location (based on IP address), and device/browser used. Report any suspicious activity immediately.
Active Sessions
View a list of devices currently logged into your account. If you see an unfamiliar session, you may have the option to "Log out" () that specific session remotely.
Feature Availability: The level of detail shown for account activity and session management may vary.
Security Best Practices
Use a Strong, Unique Password
Avoid reusing passwords from other websites. Use a password manager to generate and store complex passwords.
Enable MFA
Multi-Factor Authentication significantly increases your account security. Enable it if you haven't already.
Beware of Phishing
Be cautious of emails or messages asking for your login credentials. ML Clever will never ask for your password via email. Verify the sender and website address before clicking links or entering information.
Review Account Activity
Periodically check your login history and active sessions (if available) for any unrecognized activity.
Log Out When Finished
Especially on shared or public computers, make sure to explicitly log out of your ML Clever session when you are done.
Troubleshooting Security Issues
| Problem | Possible Solutions |
|---|---|
| Forgot Password | • Use the "Forgot Password?" link on the login page to initiate the reset process via email. |
| MFA Code Not Working | • Ensure your phone's time is synced automatically (required for TOTP apps). • Wait for the code to refresh in your authenticator app. • Try using a saved backup code if available. |
| Lost MFA Device / Backup Codes | • Contact ML Clever support or your account administrator for assistance with account recovery. |
| See Suspicious Account Activity | • Immediately change your password. • Enable MFA if not already enabled. • Log out any unfamiliar active sessions if possible. • Report the activity to ML Clever support or your administrator. |