Account Settings

Manage your Key Man Out account profile, security settings, authentication methods, notifications, and sessions. Learn about passkeys, 2FA, and account security.

Your Key Man Out account is separate from your team memberships and controls your personal authentication, profile, and security settings.

Accessing Account Settings

  1. Click your profile avatar or username in the top-right corner
  2. Select "Account Settings" from the dropdown menu
  3. You'll see several tabs for different settings categories

Profile Settings

Access the General tab in Account Settings to manage your personal information.

Editable Profile Fields

Full Name

  • Your display name shown to other team members
  • Used in access notifications and logs
  • Can be updated at any time

Email Address

  • Your primary email for login and notifications
  • Used for account recovery
  • Important: Changing your email requires verification

Profile Picture

  • Upload a custom avatar image
  • Default avatar shows your initials if no picture is set
  • Recommended size: 400x400 pixels, max 2 MB

Updating Your Profile

  1. Navigate to Account Settings > General
  2. Make your changes to any field
  3. Click "Save Changes"
  4. If you changed your email, check your inbox for a verification link

Note: Your email is used across all teams you belong to. Changing it updates your identity in all teams automatically.

Security Settings

Access the Security tab to manage authentication methods and security features.

Password Management

This section applies if you created your account with email/password authentication.

Changing Your Password

  1. Navigate to Account Settings > Security
  2. Find the "Password" section
  3. Click "Change Password"
  4. Enter your current password
  5. Enter your new password
  6. Confirm your new password
  7. Click "Update Password"

Password requirements:

  • Minimum 8 characters
  • Mix of uppercase and lowercase letters recommended
  • Include numbers and special characters for stronger security

Forgot Password

If you're already logged out:

  1. Go to the login page
  2. Click "Forgot Password?"
  3. Enter your email address
  4. Check your email for a password reset link
  5. Follow the link and enter your new password
  6. Your password is now reset

Security Tip: Use a unique, strong password. Consider using a password manager to generate and store complex passwords.

Linked Accounts (OAuth Providers)

Link your account to OAuth providers for easier login and account recovery options.

Available OAuth Providers

  • Google - Sign in with your Google account
  • Apple - Sign in with your Apple ID
  • GitHub - Sign in with your GitHub account

Linking a New Provider

  1. Navigate to Account Settings > Security > Linked Accounts
  2. Find the provider you want to link (e.g., Google)
  3. Click "Link Account"
  4. You'll be redirected to the provider's authorization page
  5. Approve the connection
  6. You'll be redirected back and the account is now linked

Unlinking a Provider

  1. Navigate to Account Settings > Security > Linked Accounts
  2. Find the linked provider
  3. Click "Unlink"
  4. Confirm the action

Important warnings:

  • Unlinking removes that login method
  • Ensure you have at least one other login method before unlinking
  • You cannot unlink all methods - at least one must remain

Best Practice: Link at least two authentication methods for account recovery options.

Passkeys (Biometric Authentication)

Passkeys provide secure, passwordless authentication using your device's biometric features (fingerprint, face ID) or PIN.

What are Passkeys?

  • Modern authentication standard (WebAuthn)
  • Uses your device's secure hardware
  • No password needed - authenticate with fingerprint, face ID, or device PIN
  • Resistant to phishing and password theft

Setting Up a Passkey

  1. Navigate to Account Settings > Security > Passkeys
  2. Click "Add Passkey"
  3. Enter a friendly name for the passkey (e.g., "MacBook Pro", "iPhone 14")
  4. Your browser will prompt you to authenticate:
    • On mobile: Use fingerprint or face ID
    • On desktop: Use fingerprint reader, camera (face ID), or security key
  5. The passkey is now registered

Managing Passkeys

  • View all registered passkeys with their names and creation dates
  • Click "Delete" next to any passkey to remove it
  • You can have multiple passkeys registered (one per device)

Using a Passkey to Log In

  1. Go to the login page
  2. Click "Sign in with Passkey" (or use the passkey button)
  3. Your browser prompts for biometric authentication
  4. Authenticate with your fingerprint, face ID, or device PIN
  5. You're instantly logged in

Recommendation: Set up passkeys on all your devices (phone, laptop, tablet) for convenient, secure access.

Phone Number (SMS Authentication)

Add your phone number for SMS-based login and two-factor authentication.

Adding a Phone Number

  1. Navigate to Account Settings > Security > Phone Number
  2. Click "Add Phone Number"
  3. Enter your phone number with country code (e.g., +1 555-123-4567)
  4. Click "Send Verification Code"
  5. Enter the 6-digit code sent via SMS
  6. Click "Verify"
  7. Your phone number is now linked

Updating Your Phone Number

  1. Navigate to Account Settings > Security > Phone Number
  2. Click "Change Phone Number"
  3. Enter your new phone number
  4. Verify with the SMS code
  5. Your phone number is updated

Removing Your Phone Number

  1. Navigate to Account Settings > Security > Phone Number
  2. Click "Remove Phone Number"
  3. Confirm the action

Note: Ensure you have other authentication methods enabled before removing your phone number.

Using SMS to Log In

  1. Go to the login page
  2. Click "Sign in with Phone"
  3. Enter your phone number
  4. Enter the verification code sent via SMS
  5. You're logged in

Notification Preferences

Control what emails you receive from Key Man Out.

Available Notification Settings

  • Access Notifications: Get notified when someone views secrets in your assets
  • Team Invitations: Receive emails when invited to teams
  • Security Alerts: Important account security notifications
  • Product Updates: News and feature announcements

Managing Notifications

  1. Navigate to Account Settings > Notifications
  2. Toggle each notification type on or off
  3. Changes are saved automatically

Recommendation: Keep security alerts and access notifications enabled so you stay aware of security-relevant activity.

Account Sessions

View and manage your active login sessions across devices.

Viewing Active Sessions

  1. Navigate to Account Settings > Sessions
  2. See a list of all active sessions with:
    • Device type and browser
    • IP address
    • Last activity timestamp
    • Current session indicator

Terminating Sessions

To log out of a specific device:

  1. Find the session you want to terminate
  2. Click "Revoke" or "Log Out"
  3. That device is immediately logged out

To log out of all other devices:

  1. Click "Log Out All Other Sessions"
  2. Confirm the action
  3. All sessions except your current one are terminated

Security Tip: Regularly review your sessions and revoke any you don't recognize. This helps identify potential unauthorized access.

Danger Zone

The Danger Zone contains irreversible actions that permanently affect your account.

Deleting Your Account

⚠️ WARNING: This action is permanent and cannot be undone.

What Happens When You Delete Your Account

  • Your user account is permanently deleted
  • You are removed from all teams you belong to
  • Your personal profile information is destroyed
  • All authentication methods are revoked

What is NOT deleted:

  • Teams you own will remain (ownership must be transferred first; contact support)
  • Assets you created remain in their teams (Custodian role transfers to team owner)
  • Access logs and audit trails are preserved for security

Deletion Process

  1. Navigate to Account Settings > Danger Zone
  2. Click "Delete Account"
  3. A confirmation modal appears with warnings
  4. Enter your password or authenticate via your current method
  5. Type DELETE to confirm (case-sensitive)
  6. Click "Permanently Delete My Account"

Important pre-deletion steps:

  1. Download all important information from your assets
  2. Transfer team ownership if you own teams (contact support)
  3. Revoke API keys or integrations if you have any
  4. Save your teams' key phrases if you're the sole custodian
  5. Notify team members if you're in a critical role

Alternative: Instead of deleting your account, consider leaving the teams you no longer need. This preserves your account for potential future use.

Two-Factor Authentication (2FA)

Enhance your account security with two-factor authentication.

Setting Up 2FA

  1. Navigate to Account Settings > Security > Two-Factor Authentication
  2. Click "Enable 2FA"
  3. Choose your 2FA method:
    • Authenticator App (recommended): Use Google Authenticator, Authy, 1Password, etc.
    • SMS: Receive codes via text message
  4. Follow the setup instructions:
    • For authenticator apps: Scan the QR code or enter the setup key
    • For SMS: Verify your phone number
  5. Enter a test code to confirm setup
  6. Save your recovery codes in a secure location
  7. 2FA is now enabled

Recovery Codes

When you enable 2FA, you receive recovery codes:

  • Use these if you lose access to your 2FA device
  • Each code can be used only once
  • Store them in a secure location (password manager, safe, etc.)
  • Do not lose these - they're your backup access method

Using 2FA to Log In

  1. Enter your email/password (or use OAuth/passkey/phone)
  2. You'll be prompted for your 2FA code
  3. Open your authenticator app and enter the 6-digit code
  4. You're logged in

Disabling 2FA

  1. Navigate to Account Settings > Security > Two-Factor Authentication
  2. Click "Disable 2FA"
  3. Enter your password or current 2FA code
  4. Confirm the action
  5. 2FA is disabled

Security Recommendation: Always enable 2FA for maximum account security, especially if you're a team owner or custodian of sensitive assets.

Best Practices

Account Security

  1. Use a strong, unique password for your Key Man Out account
  2. Enable two-factor authentication (2FA) for extra protection
  3. Link multiple authentication methods for recovery options
  4. Set up passkeys on all your devices for convenient, secure access
  5. Regularly review active sessions and revoke unknown ones
  6. Keep your email address secure - it's the primary recovery method

Profile Management

  1. Use your real name so team members can identify you easily
  2. Add a profile picture for better visual recognition
  3. Keep contact information up-to-date for team communication
  4. Use a professional email if using Key Man Out for business

Recovery Planning

  1. Link at least two authentication methods (e.g., password + Google OAuth)
  2. Save 2FA recovery codes in a secure location
  3. Document your authentication setup in a secure note outside Key Man Out
  4. Consider setting up passkeys on multiple devices
  5. Keep your phone number up-to-date for SMS recovery

Common Questions

I forgot my password and my 2FA device is lost. What do I do?

If you have:

  • Recovery codes: Use them to bypass 2FA
  • Linked OAuth account: Log in with Google/Apple/GitHub instead
  • Passkey set up: Use passkey login
  • None of the above: Contact support with proof of identity

Can I use the same email for multiple accounts?

No, each email address can only be associated with one Key Man Out account. If you need separate accounts, use different email addresses.

What happens to my teams if I delete my account?

  • Teams you own: Must transfer ownership first (contact support)
  • Teams you're a member of: You're automatically removed
  • Assets you created: Custodian role transfers to the team owner

How do I change my username or display name?

Update your Full Name in Account Settings > General. This is your display name shown throughout the application.

Can I merge two accounts?

Account merging is not currently supported. If you have multiple accounts:

  1. Choose one as your primary account
  2. Re-join teams using your primary account
  3. Delete or abandon secondary accounts

Is my personal data shared with teams?

Yes, team members can see:

  • Your name
  • Your email address
  • Your profile picture

This information is visible to all members of teams you belong to for collaboration and accountability purposes.

How do I export my account data?

Currently, automatic data export is not available. To save your data:

  1. Manually copy asset information from each team
  2. Download all file attachments
  3. Take screenshots or notes of important settings
  4. Contact support for assistance with bulk exports

Can I temporarily disable my account?

There is no "disable" or "pause" feature. You can:

  1. Log out and not use the account
  2. Leave teams to remove access to team assets
  3. Delete the account if you won't use it again (permanent)

How do I report a security issue with my account?

If you notice suspicious activity:

  1. Immediately change your password
  2. Review and revoke unknown sessions in Account Settings > Sessions
  3. Enable 2FA if not already enabled
  4. Check access logs in assets you own
  5. Contact support with details of the suspicious activity