Account Security Best Practices

Protecting your LinkLoom account is essential for safeguarding your content, team data, and business information. This guide covers security best practices and available features.

Password Security

Creating a Strong Password

Your password should:

Be at least 12 characters long
Include uppercase and lowercase letters
Contain numbers and special characters
Be unique (not used elsewhere)
Avoid common words or patterns

Password Examples

Weak: password123, CompanyName2024
Strong: Tr@vel$ky!Jump92Blue

Changing Your Password

Go to Settings > Security or Account
Find Password or Change Password
Enter your current password
Enter and confirm new password
Click Update

Two-Factor Authentication (2FA)

What Is 2FA?

2FA adds a second verification step:

Something you know (password)
Something you have (phone, authenticator app)

Enabling 2FA

If available:

Go to Settings > Security
Find Two-Factor Authentication
Click Enable
Scan QR code with authenticator app
Enter verification code
Save backup codes

Recommended Authenticator Apps

Google Authenticator
Authy
1Password
Microsoft Authenticator

Session Security

Active Sessions

Monitor where you're logged in:

Go to Settings > Security > Sessions
View all active sessions
See device, location, and last activity
Revoke sessions you don't recognize

Session Timeout

Sessions expire for security:

Extended inactivity triggers logout
Sensitive actions may require re-authentication
Close browser to end session

Recognizing Security Threats

Phishing Attempts

Be wary of:

Emails asking for password
Links to fake login pages
Urgent requests for credentials
Unexpected password reset emails

What to Do

Never share your password
Check URLs carefully before logging in
Report suspicious emails
Use bookmarks for LinkLoom login

Team Security

Managing Access

Remove team members who leave
Review permissions regularly
Use least-privilege principle
Monitor team activity

Role-Based Access

Assign appropriate roles:

Don't give everyone Owner access
Editors for content creators
Viewers for stakeholders
Owners for administrators only

API and Integration Security

API Tokens

If you use API tokens:

Keep tokens secret
Rotate tokens periodically
Revoke unused tokens
Use tokens with minimal permissions

Third-Party Integrations

When connecting services:

Only connect trusted applications
Review permissions requested
Revoke access when no longer needed
Monitor integration activity

Security Checklist

Regular Tasks

Update password every 6-12 months
Review active sessions monthly
Audit team member access quarterly
Check connected applications
Update recovery information

After Security Concerns

If you suspect a breach:

Change your password immediately
Revoke all active sessions
Enable 2FA if not already
Review recent account activity
Contact support if needed

Recovery Options

Account Recovery

Set up recovery options:

Verified email address
Phone number (if supported)
Backup codes for 2FA
Recovery questions (if available)

Lost Access

If you can't log in:

Use Forgot Password link
Check for verification email
Use backup codes for 2FA
Contact support with verification

Data Protection

Your Content

LinkLoom protects your content with:

Encryption in transit (HTTPS)
Encryption at rest
Regular backups
Access controls

Exporting Data

You can export your content:

Download articles as files
Export in various formats
Maintain local backups

Reporting Issues

Security Concerns

If you notice:

Unauthorized access
Suspicious activity
Potential vulnerabilities

Contact LinkLoom security team through:

Support channels
Security email (if provided)
In-app reporting