# Security

## Getting Here <a href="#getting-here" id="getting-here"></a>

**Settings > My Profile > Security**

***

## My Profile - Security <a href="#my-profile---security" id="my-profile---security"></a>

The **Security** page under "My Profile" allows users to manage their password and multi-factor authentication (MFA) settings for enhanced account security.

***

### Page Sections <a href="#page-sections" id="page-sections"></a>

#### 1. Change Password <a href="#id-1-change-password" id="id-1-change-password"></a>

* **Description**: Allows the user to initiate a password reset.
* **Action**:
  * **Button**: `RESET YOUR PASSWORD`
  * **Behavior**: Clicking the button sends an email with a password reset link.

***

#### 2. Multi-Factor Authentication (MFA) <a href="#id-2-multi-factor-authentication-mfa" id="id-2-multi-factor-authentication-mfa"></a>

**Authenticator App**

* **Description**: Enables Time-Based One-Time Password (TOTP) authentication using an external authenticator app (e.g., Google Authenticator).
* **Status**: `ENABLED` (cannot be disabled if required by the company administrator).
* **Message**:

  > "You cannot disable Two-Factor Authentication because it is required by your company administrator."
* **Actions**:
  * **ADD ANOTHER DEVICE**: Allows the user to register an additional device for MFA.

**Device List**

* **Description**: Displays a list of registered devices for MFA.
* **Columns**:
  * **Device**: The name of the registered device (e.g., `iphone`).
  * **Created Date**: The date and time the device was registered (e.g., `2024-12-16 17:40`).

***

#### 3. Email Authentication <a href="#id-3-email-authentication" id="id-3-email-authentication"></a>

* **Description**: Allows authentication using a One-Time Password (OTP) sent to the user's email address.
* **Status**: `ENABLED`.
* **Behavior**: Once enabled, the user can authenticate using an email OTP.

***

### Notes <a href="#notes" id="notes"></a>

* **Reset Password**: Password changes must be completed via the reset link sent to the user's email.
* **MFA Status**: If multi-factor authentication is enforced by the company administrator, users cannot disable it.
* **Device Management**: Users can add new devices for MFA but cannot remove devices unless explicitly permitted.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.fusion.vectra.ai/settings/profile/security.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.