Skip to content

Security & Two-Factor Authentication

Stridevox includes optional two-factor authentication (2FA) using TOTP (Time-based One-Time Passwords) for an extra layer of security on your account.

Two-Factor Authentication (2FA)

What Is 2FA?

Two-factor authentication adds a second step to your login. After entering your password, you'll also need a 6-digit code from an authenticator app. Even if someone knows your password, they can't log in without your phone.

Setting Up 2FA

  1. Go to Settings > Account
  2. Find the Two-Factor Authentication section
  3. Click Enable Two-Factor Authentication
  4. A QR code appears on screen
  5. Open your authenticator app and scan the QR code:
    • Google Authenticator (iOS / Android)
    • Authy (iOS / Android / Desktop)
    • 1Password, Bitwarden, or any TOTP-compatible app
  6. If you can't scan the QR code, click Manual Entry to see the secret key and type it in manually
  7. Enter the 6-digit code from your authenticator app to verify
  8. Save your backup codes (see below)
  9. Click Done

2FA is now active

From now on, you'll need your authenticator app every time you log in.

Logging In with 2FA

  1. Enter your username and password as usual
  2. A new screen appears asking for your verification code
  3. Open your authenticator app and enter the current 6-digit code
  4. Click Verify

Codes change every 30 seconds

TOTP codes refresh automatically. If a code doesn't work, wait for a new one to appear in your authenticator app.

Backup Codes

When you enable 2FA, Stridevox generates backup codes — one-time-use codes that work in place of your authenticator app.

Save these codes securely! You'll need them if:

  • You lose your phone
  • Your authenticator app is uninstalled
  • You can't access your authenticator for any reason

Using a Backup Code

  1. On the 2FA verification screen, click Use Backup Code
  2. Enter one of your backup codes
  3. Click Verify

Each backup code can only be used once. After use, it's invalidated.

Regenerating Backup Codes

If you've used most of your backup codes or want new ones:

  1. Go to Settings > Account > Two-Factor Authentication
  2. Click Regenerate Backup Codes
  3. Save the new codes — the old ones are invalidated

Old codes stop working

When you regenerate backup codes, all previous backup codes are permanently invalidated. Make sure to save the new ones.

Disabling 2FA

  1. Go to Settings > Account > Two-Factor Authentication
  2. Click Disable 2FA
  3. Confirm the action

2FA is removed from your account and you'll only need your password to log in.

Password Security

How Passwords Are Stored

Stridevox uses Argon2 for password hashing — currently the most secure password hashing algorithm, winner of the Password Hashing Competition. Your password is never stored in plain text.

Forgot Password

If you've set an email on your account:

  1. On the login screen, click Forgot Password
  2. Enter your email address
  3. Check your email for a reset link
  4. Click the link and set a new password

Email required

Password reset requires a configured email address. If you haven't set one, an administrator can reset your password for you.

Account Lockout

After multiple failed login attempts, your account may be temporarily locked to prevent brute-force attacks. Wait a few minutes and try again.

Data Encryption

Stridevox encrypts sensitive data at rest:

Data Encryption
Passwords Argon2 hash (irreversible)
Garmin credentials Fernet symmetric encryption
AI API keys Fernet symmetric encryption
Session tokens JWT with expiration

Encryption key

All Fernet encryption uses a key derived from the server's SECRET_KEY. This key is set during installation and should never be changed.