Skip to content

Account Security

The Partner Portal uses the same account system as the Enclave Portal. If you already have an Enclave account, you use the same credentials to sign in to both.

Sign-in methods

The Partner Portal supports the following sign-in methods:

  • Email and password - a local account managed directly by Enclave.
  • GitHub - sign in using your GitHub account.
  • Google - sign in using your Google account.
  • Microsoft - sign in using your Microsoft account.

If your organisation uses a different identity provider, Enclave supports OpenID Connect federation. Contact the Enclave team to discuss setup.

Two-factor authentication

How you manage two-factor authentication (2FA) depends on how you sign in.

SSO accounts (GitHub, Google, Microsoft)

If you sign in with an external provider, your multi-factor authentication is managed by that provider. Configure 2FA in your GitHub, Google, or Microsoft account settings. Enclave does not add a separate 2FA step on top of your provider's authentication.

Email and password accounts

If you created an Enclave account directly with an email and password, you can enable 2FA from the My Account page. Enclave uses time-based one-time passwords (TOTP), which work with authenticator apps such as Google Authenticator, Microsoft Authenticator, Authy, or 1Password.

To enable 2FA:

  1. Go to My Account and select Enable Two-Factor Authentication.
  2. Scan the QR code with your authenticator app, or enter the setup key manually.
  3. Enter the six-digit code from your authenticator app to verify the setup.
  4. Save your recovery codes in a secure location. These are single-use codes that allow you to sign in if you lose access to your authenticator app.

You can disable 2FA from the My Account page. You will be asked to re-enter your password to confirm.

Recovery codes

Recovery codes are generated when you enable 2FA. Each code can only be used once. If you have used most of your recovery codes, you can generate a new set from the My Account page - this invalidates all previous codes.

Changing your password

If you have an email and password account, select Change Password on the My Account page. You will be asked to enter your current password before setting a new one.

Step-up authentication

Certain sensitive operations - such as changing your password or managing 2FA - require you to re-enter your password even if you are already signed in. This protects your account if a session is left unattended.