VelumiDocs

Security

Account → Security

Password

Changing your password

Enter your current password and a new one. Passwords must be at least 8 characters and include an uppercase letter, a lowercase letter, a number, and a special character.

Changing your password signs out all other active sessions immediately.

Forgot your password

On the sign-in page, click Forgot password. Enter your email address and you'll receive a reset link. The link is single-use — if it expires or doesn't arrive, request a new one.

Two-factor authentication

Two-factor authentication (2FA) is required on all Velumi accounts. Every sign-in requires a second verification step after your password.

Email code (default)

By default, Velumi sends a one-time code to your email address each time you sign in. The code is valid for 3 minutes. You can request a new code if needed.

Authenticator app (TOTP)

For faster sign-in, you can set up an authenticator app such as 1Password, Bitwarden, Google Authenticator, or any TOTP-compatible app.

To enable:

  1. Go to Account → Security and click Set up authenticator app.
  2. Enter your current password to confirm.
  3. Scan the QR code with your authenticator app.
  4. Save the backup codes shown — these are the only way to recover access if you lose your authenticator device.
  5. Enter the 6-digit code from the app to confirm setup.

Once enabled, sign-in uses your authenticator app instead of email codes.

Backup codes

Backup codes are generated when you set up an authenticator app. Each code can be used once to sign in if you no longer have access to your authenticator app. Save them in a secure location when shown — they are not displayed again.

If you lose your backup codes and your authenticator device, contact support.

Removing the authenticator app

Go to Account → Security and click Remove authenticator app. You'll be asked for your current password. After removal, sign-in falls back to email codes — 2FA stays active.

Removing the authenticator app requires an email/password account. If you signed up with GitHub only, set a password first.

Trusted devices

On the 2FA screen during sign-in, you can check Trust this device. Trusted devices skip the 2FA step for future sign-ins from the same browser.

GitHub sign-in

You can link your GitHub account to sign in without a password.

Account → Security → GitHub

Click Connect GitHub and authorize the Velumi app. Once linked, the Sign in with GitHub button on the login page signs you in directly.

Unlinking GitHub

Click Disconnect next to GitHub. Unlinking is only available if you have another way to sign in — either a password or another linked provider. You cannot disconnect your only sign-in method.