Account Security and Settings

Keep your FeatureShark account secure and properly configured with these essential security practices and settings.

Password Security

Creating a Strong Password

Your password should:

• Be at least 8 characters long
• Include uppercase and lowercase letters
• Contain numbers and special characters
• Avoid common words or personal information

Changing Your Password

1. Go to Account Settings → Security
2. Click Change Password
3. Enter your current password
4. Enter and confirm your new password
5. Click Update Password

Password Requirements

• Minimum 8 characters
• Maximum 100 characters
• Cannot reuse last 5 passwords
• Must be changed every 90 days (Enterprise only)

Two-Factor Authentication (2FA)

Enabling 2FA

1. Navigate to Account Settings → Security
2. Click Enable Two-Factor Authentication
3. Choose your method:
   • Authenticator App (recommended)
   • SMS Text Messages
4. Follow the setup instructions
5. Save backup codes in a secure location

Using Authenticator Apps

Recommended apps:

• Google Authenticator
• Authy
• Microsoft Authenticator
• 1Password

Backup Codes

• Generated when you enable 2FA
• Use if you lose access to your device
• Each code can only be used once
• Generate new codes if you run out

Disabling 2FA

⚠️ Security Warning: Only disable 2FA if absolutely necessary.

1. Go to Security Settings
2. Click Disable 2FA
3. Enter your password and current 2FA code
4. Confirm the action

Login Activity

Monitoring Your Account

The Login Activity section shows:

• Recent login attempts
• IP addresses and locations
• Device and browser information
• Success/failure status

Suspicious Activity Signs

Watch for:

• Logins from unknown locations
• Failed login attempts
• Unfamiliar devices or browsers
• Login times that don't match your usage

Securing Compromised Accounts

If you suspect unauthorized access:

1. Change your password immediately
2. Enable 2FA if not already active
3. Review team member access
4. Check billing and usage logs
5. Contact support for assistance

Account Information

Personal Details

Keep these updated:

• Full name
• Email address
• Phone number
• Time zone
• Language preferences

Updating Email Address

1. Go to Account Settings → Profile
2. Click Change Email
3. Enter your new email address
4. Verify the new email
5. Confirm the change

Profile Picture

• Upload a custom image
• Supports JPG, PNG, GIF formats
• Maximum file size: 2MB
• Recommended size: 200x200 pixels

Team and Access Management

Team Member Roles

• Owner: Full account access
• Admin: Most permissions except billing
• Member: Standard user access
• Viewer: Read-only access

Inviting Team Members

1. Go to Team Settings
2. Click Invite Member
3. Enter email address
4. Select role and permissions
5. Send invitation

Managing Permissions

Control what team members can do:

• View/edit projects
• Manage feature requests
• Access analytics
• Modify settings
• Invite other members

Removing Team Members

1. Find the member in your team list
2. Click Remove next to their name
3. Confirm the action
4. They'll lose access immediately

API and Integration Security

API Keys

• Generate keys in Integrations → API Access
• Each key has specific permissions
• Regenerate keys if compromised
• Delete unused keys regularly

Webhook Security

• Use HTTPS endpoints only
• Verify webhook signatures
• Implement rate limiting
• Monitor webhook logs

Third-Party Integrations

• Review connected services regularly
• Revoke access for unused integrations
• Check permissions granted to each app
• Monitor integration activity logs

Data and Privacy Settings

Data Export

• Export your data anytime
• Includes feature requests, votes, and comments
• Available in JSON or CSV format
• Processing time: 24-48 hours

Account Deletion

⚠️ Warning: This action cannot be undone.

To delete your account:

1. Cancel any active subscriptions
2. Export your data (if needed)
3. Go to Account Settings → Delete Account
4. Enter your password and confirmation text
5. Click Delete Account Permanently

GDPR Compliance

• Request data export
• Ask for data deletion
• Update consent preferences
• Contact privacy@featureshark.com

Session Management

Active Sessions

View and manage:

• Current login sessions
• Device and location info
• Last activity timestamp
• Session duration

Ending Sessions

• Sign Out Everywhere: Ends all active sessions
• Individual Sessions: End specific sessions
• Useful if you lose a device

Session Security

• Sessions expire after 30 days of inactivity
• Renewed with each login
• Automatically ended on password change

Notifications and Alerts

Security Notifications

Receive alerts for:

• New device logins
• Password changes
• 2FA modifications
• Suspicious activity

Managing Notifications

1. Go to Notification Settings
2. Choose delivery methods:
   • Email notifications
   • In-app alerts
   • SMS messages (if enabled)
3. Select which events to monitor

Best Security Practices

Regular Maintenance

• Update passwords quarterly
• Review team access monthly
• Check login activity weekly
• Update contact information as needed

Device Security

• Use up-to-date browsers
• Enable automatic updates
• Don't save passwords on shared devices
• Log out when using public computers

Network Security

• Avoid public Wi-Fi for sensitive actions
• Use VPN when necessary
• Ensure HTTPS connection
• Be cautious of phishing attempts

Getting Security Help

If you have security concerns:

• Immediate threats: security@featureshark.com
• General questions: support@featureshark.com
• Privacy matters: privacy@featureshark.com

Our security team responds to urgent matters within 2 hours during business hours.