Account Security Best Practices

Keeping your StackBloom account secure protects your data, your customers, and your business. Follow these best practices.

Use a Strong Password

If you signed up with email and password, use a strong, unique password at least 12 characters long. Use a mix of letters, numbers, and symbols. Never reuse passwords across sites.

Sign In with Google or GitHub

The easiest way to secure your account is to sign in with Google or GitHub OAuth. This way your security depends on your Google/GitHub account, which likely already has 2FA enabled.

Keep Your Email Secure

Your StackBloom account is tied to your email address. If someone gains access to your email, they could reset your password. Enable 2FA on your email provider.

Be Careful with API Keys

If you use apps with API access (URL Shortener, Forms, Automations), treat your API keys like passwords. Never commit them to public code repositories or share them publicly.

Manage Team Member Access

If you grant team access to StackBloom apps, regularly review who has access and remove members who no longer need it. Use the minimum permissions necessary.

Monitor Account Activity

Check your account settings periodically for any unfamiliar sessions or connected applications. Contact support immediately if you notice suspicious activity.