> ## Documentation Index
> Fetch the complete documentation index at: https://docs.dodonate.org/llms.txt
> Use this file to discover all available pages before exploring further.

# How to Keep Your Do Donate Account Safe and Secure

> Protect your Do Donate account with a strong password, two-factor authentication, and active session management to stay safe online.

Keeping your Do Donate account secure protects your personal information, your campaign funds, and the donors who trust you. Do Donate provides several built-in tools to help you stay in control of who can access your account and how. Taking a few minutes to review your security settings can make a significant difference.

<Warning>
  Do Donate will never ask for your password via email or chat. If you receive such a request, it is a phishing attempt. Do not click any links in the message and report it to our support team immediately.
</Warning>

## Setting a strong password

A strong password is your first line of defense. Follow these guidelines when creating or updating your Do Donate password:

* Use at least 12 characters.
* Combine uppercase and lowercase letters, numbers, and symbols.
* Avoid using your name, email address, or common words.
* Do not reuse a password you use on another site or service.
* Consider using a password manager to generate and store a unique password for your account.

To update your password, go to **Account Settings > Security > Change Password**.

## Two-factor authentication (2FA)

Two-factor authentication adds a second layer of security by requiring a verification code in addition to your password when you log in. Even if someone obtains your password, they cannot access your account without this code.

<Steps>
  <Step title="Open Security settings">
    Go to **Account Settings** and select the **Security** tab.
  </Step>

  <Step title="Enable 2FA">
    Click **Enable Two-Factor Authentication**.
  </Step>

  <Step title="Choose your verification method">
    Select either **Authenticator App** (recommended) or **SMS**. If you choose an authenticator app, scan the QR code using an app such as Google Authenticator or Authy. If you choose SMS, enter your phone number to receive codes by text message.
  </Step>

  <Step title="Confirm and save backup codes">
    Enter the verification code to confirm that 2FA is working correctly. Save the backup codes displayed on screen in a secure location — you will need them if you ever lose access to your verification method.
  </Step>
</Steps>

## Viewing active sessions

Do Donate lets you see every device and location where your account is currently logged in. To review your active sessions:

1. Go to **Account Settings** and open the **Security** tab.
2. Scroll to the **Active Sessions** section.
3. Review the list of devices, browsers, and approximate locations shown.

If you see a session you do not recognize, end it immediately using the **Revoke** button next to that entry.

## Logging out of all devices

If you suspect unauthorized access or you have recently used a shared device, you can log out of all active sessions at once:

1. Go to **Account Settings > Security > Active Sessions**.
2. Click **Log Out of All Devices**.
3. You will be signed out everywhere and redirected to the login page.

You will need to sign in again on any device you want to continue using.

## What to do if your account is compromised

If you believe someone has gained unauthorized access to your account, act quickly:

1. **Change your password immediately** — go to **Account Settings > Security > Change Password** and set a new, strong password.
2. **Enable or reset 2FA** — if you have not already enabled two-factor authentication, do so now. If 2FA was already active, review and reset your backup codes.
3. **Log out of all devices** — use the **Log Out of All Devices** option to end any unauthorized sessions.
4. **Review recent activity** — check your donation history, campaign activity, and any changes made to your profile or payment details.
5. **Contact support** — reach out to the Do Donate support team at [support@do-donate.com](mailto:support@do-donate.com) to report the incident. Our team can help you secure your account and investigate any unauthorized actions.
