Password and Security Settings

Healthie's Password & Security settings give you control over your individual account's security configuration, including your password, passkeys, multi-factor authentication (MFA) methods, and active login sessions. This includes standard & support accounts only, not client accounts.

In this article:

Access Password & Security Settings

Settings > Account > click the Password & Security button.

Provider access to Privacy & Security
Provider view of Privacy & Security

Change Password

You can update your account password at any time from the Password & Security page.

To change your password:

  1. Enter your current password.
  2. Enter your new password.
  3. Click Save.

If you've forgotten your password and need to reset it from the login page, see Resetting Your Password.

Manage Passkeys

Passkeys are a fast, phishing-resistant alternative to passwords. They use cryptographic keys stored securely on your device — such as Face ID, Touch ID, or a hardware security key — and cannot be reused, guessed, or phished.

Note: Passkeys are not a method of multi-factor authentication (MFA). If MFA is enabled for your account, you will still be required to complete the MFA challenge after authenticating with a passkey.

From the Password & Security page, you can:

  • View your registered passkeys, including when each was registered.
  • Delete a passkey if you want to set up a new one.

Manage Multi-Factor Authentication (MFA) Methods

Multi-factor authentication adds an extra verification step each time you log in, helping protect your account from unauthorized access. When MFA is enabled for your organization, you will be prompted to setup an MFA method during your next login & will obtain your backup / recovery code.

Details on this first login experience can be found here: Multi-Factor Authentication.

Multiple MFA methods can be active at the same time. We recommend setting up more than one method so you always have a backup way to log in. This can be done within your Account Settings.

If your organization requires MFA, at least one method of MFA must be maintained.

Setting up MFA through Settings

  1. Navigate to Settings > Account > Password & Security.
  2. Under Multi-Factor Authentication, select the method you'd like to add.
  3. Follow the on-screen prompts to complete setup.

Removing an MFA method

You can remove an MFA method at any time, but your account must always have at least one active MFA method. If you only have one method configured, you will need to add another before removing it.

MFA recovery codes

When you set up MFA, you will receive a recovery code. Store this code in a safe place. If you are unable to access your primary MFA method — for example, if your phone service is unavailable and SMS is your only configured method — your recovery code allows you to log back into your account.

If an admin needs to reset MFA for a provider, or request MFA for their organization, see Account Protection & Multi-Factor Authentication.

Login Sessions

The Login Sessions section shows all active sessions tied to your account. For each session, you can view:

  • Device type
  • Geographic location
  • IP address
  • Time of last activity

Managing sessions

  • Log out of an individual session: Click the log out option next to any session to remotely revoke access for that device.
  • Log out all other sessions: Use this option to instantly revoke access from every active session except your current one. This is useful if you suspect unauthorized access to your account.

Note: Session changes take effect when the page is reloaded.

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.

Related Articles