Skip to main content

Account security

Protect your PollPe account with a strong password, two-factor authentication, and a one-click way to sign out everywhere. Everything on this page is scoped to your personal login, not the workspace.

Password

The Password card shows when you last updated your password and lets you change it.

  • If you've never set one (you signed in with Google or magic link), the button reads Set Password.
  • If you already have a password, the button reads Change Password and the card shows "Last updated X ago".

Click the button to open the password dialog. You'll be asked for:

  • Old password - only required if a password is already set.
  • New password - PollPe enforces a strength check and won't let you save a weak password.
  • Confirm password - must match the new password.

Click Save to apply. You stay signed in on the current device. To sign out of every other session at the same time, use the section below.

Two-factor authentication

Two-factor authentication (2FA) adds a one-time code on top of your password. Without the code, no one can sign in even if they steal your password.

To turn 2FA on:

  1. Click Enable 2FA on the Two-factor authentication card.
  2. A QR code appears. Scan it with an authenticator app like Google Authenticator, Microsoft Authenticator, or Authy.
  3. The app shows a rotating 6-digit code. Enter it in the Auth code field and confirm.

Once enabled, the card shows an Enabled badge and the button changes to Disable 2FA.

To turn 2FA off, click Disable 2FA and confirm with a fresh code from your authenticator. Disabling 2FA removes the second factor immediately. Only do this if you're switching devices or apps.

Logout of all sessions

The Logout of all sessions card signs you out everywhere - the current browser, other browsers, mobile, and any device where you might still be logged in.

Click Logout of all sessions and PollPe will:

  1. Revoke every active session token tied to your account.
  2. Clear local credentials on the current device.
  3. Redirect you to the login page.

Use this if you've lost a device, used a public computer, or just want to start clean. There is no undo, but you can sign back in normally afterward.

When to use what

  • Lost a device - log out of all sessions, then change your password.
  • Suspect someone has your password - change your password and enable 2FA.
  • Switching to a new authenticator app - disable 2FA, then re-enable it from the new app.
  • Onboarding a sensitive workspace - set a strong password and turn 2FA on day one.

Tips

  • Use a password manager. Long random passwords beat clever ones.
  • Pair 2FA with backup codes stored in your authenticator app, in case you lose your phone.
  • Sign out of shared devices by logging out of all sessions when you're done.
  • 2FA only protects this account. Teammates have to enable it on their own logins.

Contents