Security Settings
Protect your account with strong authentication, connected accounts, and active monitoring.
Keep your RIXL account secure with multifactor authentication, connected accounts for SSO, and session monitoring. These settings help you control who can access your account and how.
Connected Accounts
Link trusted third-party services for single sign-on (SSO) access.
Currently Supported:
- Google: Sign in with your Google account
- Apple: Log-in securely with your Apple ID
- Telegram: Connect for additional security features
Managing Connected Accounts
To Connect an Account:
- Click Connect next to the desired service
- Follow the authorization prompts from the provider
- Confirm the connection in your RIXL security settings
To Disconnect an Account:
- Click Disconnect next to the connected service
- Confirm the action when prompted
- Ensure you have an alternative login method configured
Before Disconnecting
If you use a connected account as your only sign-in method, create a password for your RIXL account before disconnecting it to avoid being locked out.
Two-Factor Authentication
Add an extra layer of security with authenticator app-based 2FA.
Setting Up 2FA
Download an Authenticator App
- Google Authenticator, Authy, or 1Password
- Available on iOS and Android
Enable 2FA in RIXL
- Go to Security Settings
- Click Enable Two-Factor Authentication
- Scan the QR code with your authenticator app
Verify Setup
- Enter the 6-digit code from your authenticator app
- Save your backup codes in a secure location
- Test login with 2FA enabled
Recovery Codes
When enabling 2FA, you'll receive backup recovery codes:
- Store securely: Keep these in a password manager or secure location
- Use once: Each code can only be used one time
- Generate new codes: Generate new codes if you've used several
Recovery codes allow you to access your account if you lose your authenticator app.
Password Management
Changing Your Password
Go to Security Settings → Password
Enter your current password for verification
Create a new strong password:
- At least 12 characters long
- Include uppercase, lowercase, numbers, and symbols
- Avoid common words or personal information
Confirm your new password and save changes
Password Requirements
RIXL passwords must include:
- Minimum 8 characters (12+ recommended)
- At least one uppercase letter
- At least one lowercase letter
- At least one number
- Cannot be a commonly used password
Active Sessions
Review and manage all devices currently logged into your account.
Session Information
For each session, you'll see:
- Device Type: Browser, mobile app, or API client
- Location: Approximate geographic region
- Last Activity: Time of last use
- IP Address: Network identifier
Managing Sessions
Open the Active Sessions list in Security Settings
End Suspicious Sessions:
- Click End Session next to any unfamiliar login
- Sessions will be immediately terminated
End All Other Sessions:
- Use this option if you suspect unauthorized access
- Your current session will remain active
Check your active sessions regularly, especially if you use RIXL on shared or public devices.
Security Notifications
Choose how RIXL notifies you about account activity:
- Login Alerts: When a new device signs in
- Security Changes: Updates when security settings are modified
- Suspicious Activity: Alerts for unusual account behavior
- API Key Usage: Notifications for developer key activity
Account Recovery
If You're Locked Out
- Forgot Password: Use the password reset link on the login page
- Lost 2FA Device: Use your saved recovery codes
- Can't Access Email: Contact RIXL support with account verification details
Security Best Practices
- Enable two-factor authentication (2FA)
- Use a strong, unique password
- Regularly review active sessions
- Keep recovery codes secure and accessible
- Monitor connected accounts for unauthorized changes
Related Settings
- General Settings - Profile and account information
- API Access - Developer keys and security
- Membership - Organization security roles