Account & Billing2 min read
Two-factor authentication and security
Enable OTP-based login and review your account security settings.
Spiceform takes security seriously. Your account is protected by industry-standard authentication, and you can enable additional security measures to further protect your data.
Authentication methods
- •Email + Password — the standard login method with strong password requirements.
- •Magic Link — passwordless login via a one-time link sent to your email.
- •OAuth — sign in with Google for a seamless, secure login experience.
- •OTP (One-Time Password) — receive a 6-digit code via email for two-factor verification.
Enabling two-factor authentication
- 1Go to Dashboard → Settings → Security.
- 2Under "Two-Factor Authentication", click "Enable".
- 3Choose your 2FA method (email OTP is currently supported).
- 4Verify by entering the code sent to your email. 2FA is now active.
Security best practices
- •Use a strong, unique password (12+ characters with mixed case, numbers, and symbols).
- •Enable 2FA for all team members, especially Admins and Owners.
- •Review active sessions periodically from the Security settings page.
- •Revoke access for team members who leave your organization immediately.
Pro tip
All connections to Spiceform use TLS 1.2+ encryption. Stored data is encrypted at rest using AES-256. Payment API keys are encrypted with AES-256-GCM and per-user authentication. Passwords are hashed with bcrypt.
Was this article helpful?