> ## Documentation Index
> Fetch the complete documentation index at: https://docs.navnx.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Security

> Managing your password, two-factor authentication, passkeys, and active sessions.

## Security Settings

Navigate to **Settings > Security** to manage your authentication credentials and review active sessions.

## Changing Your Password

<Steps>
  <Step title="Enter your current password">
    Type your existing password to confirm your identity.
  </Step>

  <Step title="Enter a new password">
    Your new password must meet the following requirements:

    * At least **12 characters** long
    * Must satisfy **4 out of 5** criteria: uppercase, lowercase, number, special character, no more than 2 consecutive identical characters
  </Step>

  <Step title="Confirm and save">
    Re-enter the new password and click **Update Password**.
  </Step>
</Steps>

A strength indicator displays the quality of your new password as you type (Weak, Fair, Strong, Very Strong).

## Two-Factor Authentication (2FA)

Two-factor authentication adds an extra layer of security by requiring a time-based code from an authenticator app each time you sign in.

### Setting Up 2FA

<Steps>
  <Step title="Navigate to Security settings">
    Go to **Settings > Security** and find the **Two-Factor Authentication** section.
  </Step>

  <Step title="Click Set up 2FA">
    Click the **Set up 2FA** button. You will be taken to the setup page.
  </Step>

  <Step title="Scan the QR code">
    Open your authenticator app (Google Authenticator, Authy, 1Password, Microsoft Authenticator, etc.) and scan the QR code displayed on screen. Alternatively, click the **copy icon** next to the manual entry key to enter it by hand.
  </Step>

  <Step title="Confirm with a code">
    Click **I've scanned the code**, then enter the 6-digit code currently displayed in your authenticator app.
  </Step>

  <Step title="2FA is now active">
    Once verified, 2FA is enabled on your account. You will need your authenticator app each time you sign in.
  </Step>
</Steps>

<Warning>
  Save the manual entry key in a secure location. If you lose access to your authenticator app, you will need your organisation administrator to reset your 2FA.
</Warning>

### Signing In with 2FA

After entering your email and password, you will be prompted to enter a 6-digit code from your authenticator app. The code changes every 30 seconds.

* Type the code into the six input boxes (they auto-advance as you type).
* You can also paste a 6-digit code directly.
* Click **Verify** to complete sign-in.

### Disabling 2FA

To disable two-factor authentication:

1. Go to **Settings > Security**.
2. Click **Disable 2FA** in the Two-Factor Authentication section.

<Note>
  Disabling 2FA reduces your account security. Consider keeping it enabled, especially if you handle patient data.
</Note>

## Passkeys

Passkeys provide passwordless sign-in using your device's biometrics (fingerprint, face recognition) or a physical security key.

### Registering a Passkey

1. Click **Add Passkey** in the passkeys section.
2. Follow your browser's prompt to register a passkey with your device.
3. Give the passkey a descriptive name (e.g., "Work Laptop", "YubiKey").

### Managing Passkeys

Your registered passkeys are listed with their name, creation date, and last-used date. Click the **delete icon** next to a passkey to remove it.

<Tip>
  Register passkeys on multiple devices so you are not locked out if one device is unavailable.
</Tip>

## Active Sessions

The sessions section lists all devices and browsers currently signed in to your account. Each entry shows:

* Browser and operating system
* IP address
* Last active time

Click **Revoke** next to a session to sign it out remotely. Click **Revoke All Other Sessions** to sign out everywhere except your current session.
