Skip to Content
SettingsSecurity, Password & 2FA

Security, Password & 2FA

Protect your Timeblu account with strong security practices. This page covers password management, two-factor authentication (2FA), and account security.

Accessing Security Settings

Navigate to Settings > Security from the sidebar.

Changing Your Password

How to Change Password

Go to Security Settings

Navigate to Settings > Security.

Click Change Password

Find and click Change Password button.

Enter Current Password

Type your current password to verify your identity.

Enter New Password

Create a new password that meets requirements.

Confirm New Password

Re-enter the new password to confirm.

Save

Click Save or Update Password.

Password Requirements

Strong passwords should have:

  • Minimum 8 characters (recommended: 12+)
  • Mix of uppercase and lowercase
  • At least one number
  • At least one special character
  • Not commonly used passwords

Good Password Examples

✓ MyC0aching@2025!
✓ Timeblu$ecure99
✓ Session#booking42

Bad Password Examples

✗ password123
✗ 12345678
✗ timeblu
✗ yourname1
Use a password manager to generate and store strong, unique passwords.

Forgot Password

Resetting Password

If you’ve forgotten your password:

  1. Go to app.timeblu.com 
  2. Click Sign In
  3. Click Forgot Password?
  4. Enter your email address
  5. Check your email for reset link
  6. Click the link and create new password

Reset Email Not Received?

  1. Check spam/junk folder
  2. Verify email address is correct
  3. Wait a few minutes
  4. Try again
  5. Contact support if still not received

Two-Factor Authentication (2FA)

Two-factor authentication adds an extra layer of security to your account. When enabled, you’ll need both your password and a code from an authenticator app to sign in.

2FA is optional. You can enable or disable it at any time from your security settings.

What You Need

A TOTP-compatible authenticator app on your phone, such as:

  • Google Authenticator (Android / iOS)
  • Authy (Android / iOS / Desktop)
  • 1Password (if you already use it as your password manager)
  • Microsoft Authenticator (Android / iOS)

Enabling 2FA

Go to Security Settings

Navigate to Settings > Security and scroll down to the Two-Factor Authentication section.

Click Enable 2FA

Click the Enable 2FA button to start the setup process.

Scan the QR Code

A dialog will appear with a QR code. Open your authenticator app and scan the code. If you can’t scan it, click Or enter this code manually and type the text code into your app.

Enter Verification Code

Your authenticator app will show a 6-digit code that changes every 30 seconds. Enter the current code to verify the setup.

Save Your Recovery Codes

You’ll be shown 10 recovery codes. Each code can only be used once. Save them in a safe place (password manager, printed copy, etc.).

Click Copy All to copy them to your clipboard, then check the box I have saved these recovery codes and click Done.

Recovery codes are shown only once during setup. If you lose both your authenticator app and your recovery codes, you will need to contact support to regain access to your account.

Signing In with 2FA

Once 2FA is enabled, the login flow changes:

  1. Enter your email and password as usual
  2. You’ll be redirected to a verification screen
  3. Open your authenticator app and enter the current 6-digit code
  4. Click Verify to complete sign-in

Using a Recovery Code

If you lose access to your authenticator app:

  1. On the 2FA verification screen, click Use a recovery code
  2. Enter one of your saved recovery codes
  3. You’ll be signed in and 2FA will be disabled on your account
  4. Re-enable 2FA from Settings to generate a new set of codes

Using a recovery code disables 2FA as a safety measure. Remember to re-enable it from Settings > Security after signing in.

Disabling 2FA

Go to Security Settings

Navigate to Settings > Security and find the Two-Factor Authentication section.

Click Disable 2FA

Click the Disable 2FA button.

Enter Verification Code

Enter a 6-digit code from your authenticator app to confirm.

Confirm

2FA will be turned off. You can re-enable it at any time.

Regenerating Recovery Codes

If you’ve used some recovery codes or want new ones:

  1. Go to Settings > Security > Two-Factor Authentication
  2. Click Regenerate Recovery Codes
  3. Enter a 6-digit code from your authenticator app
  4. Save the new set of 10 codes - all previous codes are invalidated

2FA Frequently Asked Questions

Can I use 2FA with Google sign-in?

Yes. If you sign in with Google and have 2FA enabled, you’ll be asked for the authenticator code after the Google authentication completes.

What happens if I lose my phone?

Use one of your saved recovery codes to sign in. This will disable 2FA so you can set it up again with your new device.

Can I change my authenticator app?

Yes. Disable 2FA first, then re-enable it to generate a new QR code for your new app.

Is 2FA required?

No, 2FA is completely optional. However, we strongly recommend enabling it, especially if your account contains sensitive client data.

Account Security Best Practices

Strong Password

  • Use unique password for Timeblu
  • Don’t reuse passwords from other sites
  • Change periodically (annually minimum)
  • Use a password manager

Email Security

Your email is your account:

  • Keep your email account secure
  • Use strong email password
  • Enable two-factor on email

Browser Security

When using Timeblu:

  • Don’t save passwords in shared computers
  • Log out from shared devices
  • Use incognito/private mode on shared computers

Device Security

Protect devices you use:

  • Lock your devices with PIN/password
  • Keep operating system updated
  • Use antivirus software

Session Management

Active Sessions

Your login sessions:

  • Timeblu keeps you logged in
  • Session expires after inactivity
  • Clear browser data to log out everywhere

Logging Out

To log out:

  1. Click your profile/account menu
  2. Click Log Out or Sign Out
  3. Confirm if prompted

Logging Out Everywhere

To log out from all devices:

  1. Change your password
  2. All sessions are invalidated
  3. Re-login on devices you want to use

Data Protection

Your Data is Encrypted

Timeblu protects your data:

  • In transit: HTTPS/TLS encryption
  • At rest: Encrypted database storage
  • Backups: Encrypted backups

Privacy

We protect your privacy:

  • No selling of personal data
  • GDPR compliant
  • Data processing agreements available

Data Access

Who can access your data:

  • Only you (and anyone you share credentials with)
  • Timeblu support (for technical issues, limited access)
  • No third parties without consent

Account Recovery

If Locked Out

If you can’t access your account:

  1. Try password reset - Use forgot password feature
  2. Check email access - Ensure you can access your email
  3. Contact support - Email support@timeblu.com with:
    • Your account email
    • Business name
    • Any verification info

Account Verification

Support may ask for:

  • Email verification
  • Business name
  • Recent activity details
  • Payment method last 4 digits

Suspicious Activity

Signs of Compromise

Watch for:

  • Sessions you didn’t create
  • Clients you didn’t add
  • Settings changes you didn’t make
  • Password reset emails you didn’t request

What to Do

If you suspect unauthorized access:

  1. Change password immediately
  2. Review recent activity - Check calendar and clients
  3. Check email account - Ensure it’s secure
  4. Contact support - Report the incident

Report Security Issues

Found a security vulnerability?

Account Deletion

Requesting Deletion

If you want to delete your account:

  1. Cancel any active subscription
  2. Export your data if needed
  3. Contact support requesting deletion
  4. We’ll process within GDPR timeframes

What Gets Deleted

  • Your account and login
  • All client data
  • All session data
  • All settings

Account deletion is permanent. Export your data first if you might need it.

Last updated on
Calendar DisplayLanguage & Theme