Security
Security
TABLE OF CONTENTS
- Changing Your Password
- Audit Logs
- 2FA
1. CHANGING YOUR PASSWORD
Regularly updating your password keeps your account secure.
CHANGING YOUR PASSWORD:
Access Account Settings
- Click your profile icon (top right)
- Select "Settings" or "Account"
- Find "Password" or "Security" section
Enter Password Information
- Current password
- New password
- Confirm new password
Save Changes
- Click "Change Password"
- You may be logged out and need to log in again
PASSWORD REQUIREMENTS:
Your password must have: - At least 8 characters - At least one uppercase letter (A-Z) - At least one lowercase letter (a-z) - At least one number (0-9) - At least one special character (!@#$%^&*, etc.)
CREATING A STRONG PASSWORD:
DO: - Use 12+ characters for extra security - Mix letters, numbers, and symbols - Use a passphrase (multiple words) - Use a password manager - Create unique passwords for each service
DON'T: - Use common words (password, 123456) - Use personal information (birthdate, name) - Reuse passwords from other sites - Use sequential patterns (abc123, qwerty) - Share your password with anyone
IF YOU FORGOT YOUR PASSWORD:
- Go to the login page
- Click "Forgot Password?"
- Enter your email address
- Check email for reset link
- Click link and create new password
- Log in with new password
Reset links expire after a limited time.
WHEN TO CHANGE YOUR PASSWORD:
- It's been more than 90 days
- You suspect unauthorized access
- You shared it with someone
- You used it on an insecure network
- A service you use was breached
2. AUDIT LOGS
Audit logs record important actions in your Silobase account for security and compliance.
ACCESSING AUDIT LOGS:
- Go to Settings
- Select "Audit Logs" or "Activity Logs"
- View the activity history
(Note: Admin privileges required)
WHAT'S LOGGED:
User Actions: - Logins and logouts - Password changes - 2FA setup/changes - Profile updates
Asset Actions: - Assets created - Assets edited - Assets checked in/out - Photos uploaded
Administrative: - Users invited/added - Users deactivated - Settings changed - Plan/billing changes
INFORMATION RECORDED:
Each log entry shows: - Date and time - User who performed action - Action type - Details of what changed - IP address (for security)
FILTERING LOGS:
Filter by: - Date Range: Specific time periods - User: Actions by one person - Action Type: Login, asset edit, etc. - Status: Success or failed attempts
USING AUDIT LOGS:
For Security: - Monitor failed login attempts - Check for suspicious activity - Verify who accessed what
For Compliance: - Document access history - Prove proper procedures - Support audit requirements
For Troubleshooting: - See what changed and when - Identify who made changes - Understand sequence of events
EXPORTING AUDIT LOGS:
- Filter logs to desired scope
- Click "Export"
- Choose format (CSV, Excel)
- Save file for external use
3. TWO-FACTOR AUTHENTICATION (2FA)
2FA adds an extra layer of security by requiring both your password and a code from your phone.
SETTING UP 2FA:
- Go to Settings > Security or Account Settings
- Find "Two-Factor Authentication" and click "Enable"
- Scan the QR code with an authenticator app (Google Authenticator, Authy, Microsoft Authenticator)
- Enter the 6-digit code to verify setup
- Save your backup codes in a secure location
LOGGING IN WITH 2FA:
- Enter your email and password
- Open your authenticator app
- Enter the current 6-digit code
- Click "Verify"
BACKUP CODES:
- You receive backup codes when enabling 2FA
- Each code can only be used once
- Store them securely (password manager, safe location)
- Use if you lose access to your authenticator app
TIPS & BEST PRACTICES
- Use a password manager
- Enable Two-Factor Authentication
- Never share your password
- Set up passkeys on multiple devices
- Review audit logs regularly
- Export logs before retention period ends
- Report suspicious activity immediately
TROUBLESHOOTING
Q: I can't remember my current password
A: Use "Forgot Password?" to reset via email.
Q: New password isn't being accepted
A: Ensure it meets all requirements.
Q: I'm locked out after too many attempts
A: Wait a few minutes, then try again or reset via email.
Q: Password reset email not arriving
A: Check spam folder. Verify correct email address.
Q: I lost access to my 2FA app
A: Use backup codes. Contact support if no codes available.
Q: I don't see all actions in audit logs
A: Some minor actions may not be logged. Check filter settings.
Q: How long are logs retained?
A: Depends on your plan. Contact support for details.
Q: Can logs be edited?
A: No, audit logs are immutable for integrity.
Q: I see suspicious activity
A: Change passwords, review user access, contact support.