Account security

Password, 2FA, sessions, backup codes, and audit.

Your Nexte account holds client data, invoices, communications, and payment settings, which makes it a prime target for attackers. Enabling every available security measure takes about 5 minutes in total and moves your account from the `high` to the `negligible` risk level.

Password

Settings → Security → Password. Requirements: minimum 12 characters, at least 1 uppercase, 1 digit, 1 special character. Nexte auto-checks via HaveIBeenPwned whether the password has been leaked in a known breach.

  • Use a password manager: 1Password, Bitwarden, Apple Keychain. Don't try to memorize it.
  • A unique password: never shared with another service, so a leak elsewhere doesn't compromise Nexte.
  • Rotation: change it every 6-12 months at minimum. Required after a suspected compromise.
  • Never send it via email, Slack, or SMS. Use Nexte's invitation feature so that other people create their own account.

Two-factor authentication (2FA)

Settings → Security → 2FA. Scan the QR code with Google Authenticator, Authy, 1Password, or Raycast Authenticator. On every login, a 6-digit code is required after your password. Even if your password leaks, the attacker can't log in without your phone.

  • TOTP (via app): recommended method. Works offline, independent of your carrier.
  • SMS: available but discouraged (SIM swapping is possible). Use only as a backup.
  • Physical WebAuthn/FIDO2 key (Agency): YubiKey, Titan Key. Maximum security level for high-stakes accounts.

Backup codes

When enabling 2FA, Nexte generates 10 one-time codes. Download them as a PDF or print them, and store them somewhere safe (not on your phone). Use them if you lose your phone.

Without backup codes AND without your phone, access recovery takes 72h (identity verification via support) and can lead to a temporary data freeze.

Active sessions

Settings → Security → Active sessions. View connected devices with IP, browser, last activity, and rough location (based on IP). Remotely log out any session in one click.

  • Abnormal session: unusual IP, unexpected country, never-seen browser. Log it out immediately and change your password.
  • Session duration: 30 days default. Customizable in Settings (down to 1h for sensitive environments).
  • Auto-logout: after 7 days of inactivity. Configurable by Agency admin.
  • Device fingerprinting: Nexte detects major changes (new country, new browser) and requires re-authentication.

Change login email

Settings → Security → Login email. A 6-digit confirmation code is sent to the new address (valid 15 minutes). Once validated, the old email is removed immediately. Your data stays tied to the same account.

Audit log

Settings → Security → Audit log. Complete history of sensitive actions: logins (successful and failed), password changes, 2FA enabled/disabled, data exports, member additions and removals. Kept 90 days (Independent) or 1 year (Agency). Exportable as CSV.
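The CSV export is what you would review for the abnormal-session signals listed under Active sessions. As an added illustration that is not Nexte's own tooling, this script walks a constructed export (the column names are an assumption, since the export format is not documented here) and flags failed-login bursts, logins from a never-seen country or browser, and 2FA being disabled:

```python
import csv
import io
from collections import defaultdict

# Constructed sample of an audit-log CSV export. The column names are an
# assumption for this example, not Nexte's documented export format.
SAMPLE_CSV = """timestamp,user,event,status,ip,country,browser
2024-05-01T08:00:00Z,alice@example.com,login,success,203.0.113.10,FR,Chrome
2024-05-02T08:05:00Z,alice@example.com,login,success,203.0.113.10,FR,Chrome
2024-05-03T09:10:00Z,alice@example.com,login,success,203.0.113.11,FR,Chrome
2024-05-04T02:00:00Z,alice@example.com,login,failed,198.51.100.7,RU,Firefox
2024-05-04T02:00:20Z,alice@example.com,login,failed,198.51.100.7,RU,Firefox
2024-05-04T02:00:40Z,alice@example.com,login,failed,198.51.100.7,RU,Firefox
2024-05-04T02:01:00Z,alice@example.com,login,success,198.51.100.7,RU,Firefox
2024-05-04T02:03:00Z,alice@example.com,2fa_disabled,success,198.51.100.7,RU,Firefox
"""


def review_audit_log(csv_text, failed_threshold=3):
    """Walk the export in order; return (timestamp, user, reason) findings."""
    findings = []
    seen_countries = defaultdict(set)   # baseline built from earlier successful logins
    seen_browsers = defaultdict(set)
    failed_streak = defaultdict(int)    # consecutive failed logins per account
    for row in csv.DictReader(io.StringIO(csv_text)):
        user, ts = row["user"], row["timestamp"]
        if row["event"] == "login":
            if row["status"] == "failed":
                failed_streak[user] += 1
                if failed_streak[user] == failed_threshold:
                    findings.append((ts, user, f"{failed_threshold} consecutive failed logins from {row['ip']}"))
                continue
            # Successful login: compare against what this account has used before.
            if seen_countries[user] and row["country"] not in seen_countries[user]:
                findings.append((ts, user, f"login from never-seen country {row['country']}"))
            if seen_browsers[user] and row["browser"] not in seen_browsers[user]:
                findings.append((ts, user, f"login from never-seen browser {row['browser']}"))
            if failed_streak[user] >= failed_threshold:
                findings.append((ts, user, "successful login right after a failed-login burst"))
            failed_streak[user] = 0
            seen_countries[user].add(row["country"])
            seen_browsers[user].add(row["browser"])
        elif row["event"] == "2fa_disabled":
            # 2FA being turned off is always worth a look, wherever it came from.
            findings.append((ts, user, f"2fa_disabled from {row['country']} ({row['ip']})"))
    return findings


if __name__ == "__main__":
    for ts, user, reason in review_audit_log(SAMPLE_CSV):
        print(ts, user, reason)
```

Any finding on your own account is the cue to log the session out and change your password, as described under Active sessions.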