Account Security

Secure your Contextium account with two-factor authentication and security best practices.

Two-Factor Authentication (2FA)

Add an extra layer of security to your account by requiring a code from your phone in addition to your password.

Enable 2FA

  1. Navigate to Settings → Security
  2. Click Enable Two-Factor Authentication
  3. Scan QR code with authenticator app
  4. Enter verification code
  5. Save recovery codes in a safe place
  6. Click Enable

Recommended Authenticator Apps

  • Authy - Multi-device sync
  • Google Authenticator - Simple and reliable
  • 1Password - Built into password manager
  • Microsoft Authenticator - Windows integration

Recovery Codes

When enabling 2FA, you receive 10 recovery codes:

  • Save codes securely (password manager or printed)
  • Each code can be used once
  • Use if you lose access to authenticator
  • Generate new codes from Settings → Security
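The recovery-code properties listed above (10 codes, each usable once) as an added illustration of how a service typically issues and redeems such codes; this is example code, not Contextium's implementation, and the code format (four groups of four hex characters) is an assumption, since the page does not state one.

```python
import hashlib
import hmac
import secrets

# From the page: 10 recovery codes are issued when 2FA is enabled.
RECOVERY_CODE_COUNT = 10
# Assumed format (not from the page): 16 hex chars (64 bits of CSPRNG output),
# shown to the user as "xxxx-xxxx-xxxx-xxxx".
CODE_BYTES = 8


def _hash_code(code: str) -> str:
    # A recovery code is a second factor, so only a digest is stored, never the
    # plaintext. Separators and case are normalised so the user can type freely.
    normalised = code.replace("-", "").strip().lower()
    return hashlib.sha256(normalised.encode()).hexdigest()


def generate_recovery_codes(count: int = RECOVERY_CODE_COUNT) -> tuple[list[str], list[str]]:
    """Return (plaintext codes to display exactly once, digests to persist)."""
    codes = []
    for _ in range(count):
        raw = secrets.token_hex(CODE_BYTES)  # 16 hex characters
        codes.append("-".join(raw[i:i + 4] for i in range(0, 16, 4)))
    return codes, [_hash_code(c) for c in codes]


def redeem_recovery_code(stored_digests: list[str], submitted: str) -> bool:
    """Consume one code: on a match its digest is removed so it cannot be reused.

    Failed redemptions should count toward the same failed-login lockout as
    passwords, otherwise the codes can be guessed online.
    """
    digest = _hash_code(submitted)
    for i, stored in enumerate(stored_digests):
        if hmac.compare_digest(stored, digest):  # constant-time comparison
            del stored_digests[i]
            return True
    return False
```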

Disable 2FA

  1. Navigate to Settings → Security
  2. Click Disable Two-Factor Authentication
  3. Enter your password
  4. Enter current 2FA code
  5. Click Disable

Warning: Disabling 2FA reduces account security. Only disable if absolutely necessary.

Login Security

Password Security

Best practices for strong passwords:

  • Length - At least 12-16 characters
  • Complexity - Mix of uppercase, lowercase, numbers, symbols
  • Uniqueness - Don't reuse passwords from other sites
  • Password Manager - Use 1Password, Bitwarden, or similar

Failed Login Attempts

Contextium locks accounts after 5 failed login attempts:

  • Account locks for 30 minutes
  • Email notification sent
  • Manual unlock via email link

If you receive unexpected lockout emails, someone may be trying to access your account. Consider:

  • Changing your password immediately
  • Enabling 2FA
  • Reviewing active sessions
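The lockout rules described above (5 failed attempts, a 30-minute lock, a notification, and a manual unlock) as an added illustration of how such a policy is enforced server-side; this is example code, not Contextium's implementation, and the in-memory store, the account names and the `notifications` list standing in for the lockout e-mail are constructed.

```python
from dataclasses import dataclass, field

# Policy values taken from the page.
MAX_FAILED_ATTEMPTS = 5
LOCKOUT_SECONDS = 30 * 60


@dataclass
class LoginState:
    failures: int = 0
    locked_until: float = 0.0  # epoch seconds; 0.0 means not locked


@dataclass
class LockoutPolicy:
    """Tracks failed logins per account and locks after MAX_FAILED_ATTEMPTS."""
    accounts: dict[str, LoginState] = field(default_factory=dict)
    notifications: list[str] = field(default_factory=list)  # stand-in for the e-mail

    def is_locked(self, account: str, now: float) -> bool:
        state = self.accounts.get(account)
        return state is not None and now < state.locked_until

    def record_failure(self, account: str, now: float) -> bool:
        """Record a failed attempt; returns True if this failure triggered a lock."""
        state = self.accounts.setdefault(account, LoginState())
        if now < state.locked_until:
            return False  # already locked; attempts during the lock are refused, not counted
        state.failures += 1
        if state.failures >= MAX_FAILED_ATTEMPTS:
            state.locked_until = now + LOCKOUT_SECONDS
            state.failures = 0  # counter starts fresh once the lock expires
            self.notifications.append(f"lockout: {account}")  # 'Email notification sent'
            return True
        return False

    def record_success(self, account: str, now: float) -> bool:
        """Returns True if the login is accepted; a correct password during a lock is refused."""
        if self.is_locked(account, now):
            return False
        self.accounts[account] = LoginState()  # success resets the failure counter
        return True

    def manual_unlock(self, account: str) -> None:
        """Clear the lock early, e.g. after the user follows the e-mailed unlock link."""
        self.accounts[account] = LoginState()
```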

Login Notifications

Receive alerts for login activity:

  1. Navigate to Settings → Security
  2. Enable Login Notifications
  3. Get emails for:
    • New device logins
    • Unusual location logins
    • Failed login attempts

Session Security

Session Timeout

Sessions automatically expire:

  • Active use - 30 days of inactivity
  • Inactive - 7 days without any activity
  • Remember me unchecked - When browser closes

Secure Your Sessions

  • Log out on shared computers
  • Use private/incognito mode on public devices
  • Don't save passwords on public computers
  • Enable "Require password after 15 minutes" on your device

API Key Security

If you use the Contextium API (Professional plan+):

API Key Best Practices

  • Store securely - Use environment variables, never commit to git
  • Rotate regularly - Generate new keys every 90 days
  • Limit scope - Create separate keys for different apps
  • Monitor usage - Review API logs for suspicious activity
  • Revoke unused - Delete old keys immediately

Rotate API Keys

  1. Navigate to Settings → API Keys
  2. Click Generate New Key
  3. Update applications with new key
  4. Click Delete on old key
  5. Confirm deletion

See API Documentation for details.

Account Recovery

Email Recovery

Ensure you can recover your account:

  1. Keep email address current
  2. Add recovery email (coming soon)
  3. Save recovery codes if using 2FA
  4. Know your password or use password manager

Lost Access

If you lose access to your account:

Forgot Password:

  1. Click Forgot Password on login page
  2. Check email for reset link
  3. Create new password

Lost 2FA Device:

  1. Use recovery code to log in
  2. Navigate to Settings → Security
  3. Disable 2FA
  4. Set up 2FA on new device

Lost Email Access:

  • Contact support at support@contextium.io
  • Provide account verification information
  • Follow support team instructions

Data Protection

Encryption

Contextium encrypts your data:

  • In transit - TLS 1.3 for all connections
  • At rest - AES-256 encryption for stored data
  • Backups - Encrypted backups with separate keys

Privacy

Contextium's privacy practices:

  • No selling of user data
  • Minimal data collection
  • GDPR compliance
  • Regular security audits
  • SOC 2 Type II certified (Enterprise)

See Privacy Policy for details.

Account Deletion

Schedule Account Deletion

  1. Navigate to Settings → Account
  2. Click Delete Account
  3. Enter your password
  4. Select reason for leaving (optional)
  5. Click Schedule Deletion

Grace Period

Account deletion has a 90-day grace period:

  • Data preserved for 90 days
  • Can cancel deletion anytime
  • After 90 days, data permanently deleted
  • Email reminders at 30, 7, and 1 day before deletion

Cancel Scheduled Deletion

  1. Log in to your account
  2. Navigate to Settings → Account
  3. Click Cancel Deletion
  4. Account remains active

What Gets Deleted

When an account is permanently deleted:

  • Your profile and personal information
  • Files you created
  • Version history
  • API keys and access tokens

Note: Files in shared workspaces where you're not the owner remain intact, but your authorship is anonymized.

Security Best Practices

For Individuals

  1. Enable 2FA - Most important security step
  2. Strong password - Use password manager
  3. Monitor activity - Review active sessions monthly
  4. Secure email - Your email account protects Contextium access
  5. Update software - Keep browser and OS up to date

For Teams

  1. Require 2FA - Enforce 2FA for all team members (Enterprise)
  2. SSO - Use Single Sign-On for centralized access (Business plan+)
  3. Access reviews - Audit team members quarterly
  4. Remove former employees - Revoke access immediately when someone leaves
  5. Audit logs - Review security logs regularly (Business plan+)

For API Users

  1. Secure keys - Never commit keys to version control
  2. Rotate regularly - Change keys every 90 days
  3. Monitor usage - Watch for unexpected API calls
  4. Limit permissions - Use read-only keys where possible
  5. Revoke unused - Delete old keys immediately

Reporting Security Issues

Found a security vulnerability?

  1. Don't disclose publicly
  2. Email security@contextium.io
  3. Include:
    • Description of vulnerability
    • Steps to reproduce
    • Potential impact
    • Your contact information
  4. We'll respond within 24 hours
  5. Coordinated disclosure timeline agreed upon

Contextium has a responsible disclosure policy and may offer rewards for valid security reports.

Compliance & Certifications

Contextium maintains security certifications:

  • SOC 2 Type II (Enterprise)
  • GDPR compliant
  • CCPA compliant
  • Regular penetration testing
  • Annual security audits

See Security Portal for latest reports.