Authentication

Penvio supports multiple authentication methods to keep your account secure.

Email & Password

The default authentication method. Use a strong, unique password and consider enabling two-factor authentication.

Password Requirements

• Minimum 8 characters
• At least one uppercase letter
• At least one lowercase letter
• At least one number
• At least one special character recommended

Changing Your Password

1. Go to Settings → Security
2. Click Change Password
3. Enter your current password
4. Enter and confirm your new password
5. Click Update Password

Google OAuth

Sign in with your Google account:

1. Click “Sign in with Google” on the login page
2. Select your Google account
3. Grant Penvio the required permissions

SAML SSO (Enterprise)

Business and Enterprise plans support SAML 2.0 single sign-on:

• Integrate with your identity provider (Okta, Azure AD, OneLogin, etc.)
• Centralized user management
• Automatic provisioning with SCIM

See SAML SSO Configuration for setup instructions.

Two-Factor Authentication (2FA)

Add an extra layer of security with time-based one-time passwords (TOTP).

How It Works

When 2FA is enabled:

1. Enter your email and password as usual
2. Open your authenticator app
3. Enter the 6-digit code displayed
4. Access granted

Supported Authenticator Apps

Any TOTP-compatible app works:

• Google Authenticator
• Microsoft Authenticator
• Authy
• 1Password
• Bitwarden
• And many others

Setting Up 2FA

Backup Codes

When you enable 2FA, you receive 10 backup codes:

• Each code can only be used once
• Use them if you can’t access your authenticator
• Generate new codes anytime (invalidates old ones)

To generate new backup codes:

1. Go to Settings → Security
2. Click Regenerate Backup Codes
3. Save the new codes securely

Signing In with 2FA

After entering your password:

1. Open your authenticator app
2. Find the Penvio entry
3. Enter the current 6-digit code
4. Code changes every 30 seconds

Using a backup code:

1. Click Use a backup code
2. Enter one of your saved backup codes
3. That code is now used and cannot be reused

Disabling 2FA

1. Go to Settings → Security
2. Click Disable Two-Factor Authentication
3. Enter a verification code from your authenticator
4. Confirm disabling

Lost Access to Authenticator

If you lose your authenticator device:

1. Use a backup code to sign in
2. Go to Settings → Security
3. Disable and re-enable 2FA with your new device

If you don’t have backup codes, contact support for account recovery verification.

Session Management

View and manage your active sessions:

Viewing Sessions

1. Go to Settings → Security
2. Scroll to Active Sessions
3. See all devices where you’re signed in

Session information includes:

• Device type and browser
• Location (approximate, based on IP)
• Last activity time
• Current session indicator

Revoking Sessions

To sign out a specific device:

1. Find the session in the list
2. Click Revoke
3. That device is immediately signed out

Sign Out Everywhere

To sign out all devices except your current one:

1. Go to Settings → Security
2. Click Sign Out All Other Sessions
3. Confirm the action

Security Best Practices

Next Steps

• Account Setup - Configure your profile settings
• Organizations - Set up your team workspace
• SAML SSO Configuration - Configure enterprise single sign-on