Keeping Your Account Secure
Role and permission best practices to protect your business data and limit unauthorized access.
Use the minimum necessary role
Assign Owner only to the person responsible for billing and legal decisions. Use Admin for managers who need to configure settings. Assign Member to everyone else and enable only the modules they use day-to-day. Limiting access reduces exposure if credentials are compromised.
Remove ex-employees promptly
When someone leaves the business, remove them from Settings immediately. Their session is invalidated at once. Do not leave inactive accounts, as they remain a potential entry point.
Limit Owner accounts
There should be at most two Owner accounts — typically the business owner and one trusted backup. The Owner role can change billing, delete data, and modify all settings. Share that level of access sparingly.
Use strong, unique passwords
Use a password manager to generate a strong unique password for each person. Avoid reusing passwords across services. If you suspect a password has been compromised, the account holder can reset it from the login page immediately.
Still have questions?
Our support team typically replies within 24 hours on business days.
Contact support