Skip to main content

Overview

Configure security settings to protect your StatusStack account and organization.

Two-Factor Authentication

Enable 2FA

1

Open Security Settings

SettingsSecurityTwo-Factor Authentication
2

Choose Method

  • Authenticator app (recommended)
  • SMS
3

Scan QR Code

Use Google Authenticator, Authy, or 1Password
4

Save Backup Codes

Store securely for account recovery

Session Management

Active Sessions

View and manage logged-in devices: SettingsSecurityActive Sessions 
Chrome on macOS - San Francisco, CA
Last active: 5 minutes ago
[Revoke]

Safari on iPhone - San Francisco, CA  
Last active: 2 hours ago
[Revoke]
Revoke suspicious sessions immediately

Login History

Track authentication events:
  • Successful logins
  • Failed login attempts
  • Password changes
  • 2FA events
  • OAuth connections
Access: SettingsSecurityLogin History

API Keys

Manage API access tokens:
1

Create API Key

SettingsAPI Keys“Create Key”
2

Set Permissions

  • Read-only
  • Read/Write
  • Admin
3

Copy Token

Shown once - store securely
4

Revoke When Done

Delete unused keys regularly

Security Best Practices

  • 12+ characters
  • Mix of types
  • Unique per site
  • Password manager
Required for:
  • Owners and Admins
  • Production access
  • Recommended for all
  • Check active devices
  • Revoke unknown sessions
  • Verify locations
  • Quarterly rotation
  • Delete unused keys
  • Use least privilege

Next Steps

Authentication

Login methods and SSO

Team Management

Manage team access