Two Factor Auth
The codebase has strong credential and permission controls, but I did not find a native TOTP-style two-factor module, so this page explains the implemented security model honestly.
Security: Two-Factor Authentication
2FA is Enabled
Your account is protected with an additional layer of security.
How it works in the app
Security is strongest around permission checks, password-reset flows for multiple account types, webhook signatures, feed authentication, app credentials, and company-scoped data isolation.
I did not find a native TOTP two-factor module, IP whitelist subsystem, or in-app GDPR operations console, so those labels need a narrower explanation than the old placeholder copy.
Included in the current implementation
Permission-based employee access
Password reset tokens for several account types
Signed webhooks and app credentials
Company-scoped repository access
Need security messaging that matches the code instead of the brochure?
The current platform already has real access-control and signed-integration controls, even where some enterprise labels are still broader than the implementation.