Skip to main content

Credentials and Security

Use My Credentials to manage your personal access settings. This page combines password management, two-factor authentication, token handling, service verification, and security reporting.

Live credentials page showing password, 2FA, tokens, and service PIN
My Credentials page

What This Page Is For

This page protects access to your own account. Unlike system-wide security settings, the actions here are personal and user-specific.

Who Should Use It

Every user should know this page. It becomes especially important during onboarding, security hardening, token-based integration work, or when contacting support.

What You Can Do Here

AreaPurpose
Change passwordSet a new password and confirm it with the current password
TokensReview existing tokens or issue an SDK token for integrations
Two-Factor Authentication (TOTP)Activate an authenticator-app-based second factor
Hotline Service PINRetrieve the support verification PIN for admin-related requests
Report Security IncidentEscalate suspected account or token abuse
Log OutEnd the current session

Change your password

The live page requires:

  1. A new password
  2. Password confirmation
  3. Your current password for verification

Passwords must be at least 6 characters long.

Change password form with new password and confirmation fields
Change password form with new password and confirmation fields

Enable two-factor authentication

The live TOTP workflow is structured as follows:

  1. Install an authenticator app such as OTP Auth, FreeOTP, Authy, or Google Authenticator.
  2. Pair it with ZeyOS using the QR code or the displayed secret.
  3. Enter the six-digit validation code and activate 2FA.
Two-factor authentication setup with QR code pairing
Two-factor authentication setup with QR code pairing

Manage tokens carefully

Use Show My Tokens to review existing tokens and Issue SDK Token only when a technical integration requires it. Revoke unused tokens immediately.

When to Use the Service PIN or Security Incident Flow

  • Use the Service PIN when the ZeyOS team must verify your administrative identity.
  • Use Report Security Incident if you suspect unauthorized access, a leaked token, or another account-related security problem.

Best Practices

  • Enable 2FA for every administrative account.
  • Treat tokens like passwords.
  • Change credentials immediately after any suspected compromise.
  • Do not share your support verification PIN casually.