Security
Account Security settings let you harden your Skytells account with two-factor authentication and other access protection controls — essential before managing production systems or shared team credentials.
Security in Settings is where you control the protection mechanisms on your Skytells account. Hardening your account here reduces the risk to every project, credential, and integration that sits behind it.
You should treat Security as required setup — not optional configuration — before:
- Creating API keys or access tokens for production systems.
- Inviting team members into projects.
- Deploying any workload accessible from the internet.
How to get here
- Open the Skytells Console and navigate to Settings in the left sidebar.
- Select Security in the Settings left rail.
What the Security page offers
The Security page surfaces the account protection controls available to your account. Controls shown here depend on your plan and account state. Common options include:
Two-factor authentication (2FA)
Two-factor authentication adds a second verification step at login — a time-based one-time code (TOTP) from an authenticator app. With 2FA enabled, a stolen password alone is not enough to access your account.
To enable 2FA:
- Open Settings → Security.
- Locate the two-factor authentication section.
- Follow the on-screen instructions to pair an authenticator app (Google Authenticator, 1Password, Authy, or any TOTP-compatible app).
- Save the recovery codes shown — store them somewhere secure and separate from your device.
- Confirm setup by entering the first generated code.
Save your recovery codes before finishing 2FA setup. If you lose access to your authenticator device and have no recovery codes, account recovery requires manual verification with Skytells support.
Account protection review
The Security page may surface the current protection status of your account — indicators of what is enabled and what is not — so you can assess your posture at a glance before making changes.
Why account security matters here
Skytells accounts hold production credentials, billing access, and operational control over infrastructure and deployments. A compromised account can:
- Expose or delete API keys and tokens used by production services.
- Access or terminate running instances and deployments.
- Incur compute and AI spend.
- Read prediction outputs and project data.
Account-level protection is your first line of defence for everything that runs on Skytells.
For the platform's security architecture and data handling model, see Security.
Related
- API Keys — credentials protected by account security.
- Access Tokens — scoped credentials that sit behind account access.
- Security (Platform) — how Skytells secures the platform, data, and infrastructure.
- Settings Overview — all account settings sections.
How is this guide?
Access Tokens
Account-level access tokens authorize Skytells apps, the CLI, and third-party integrations to act on your account. Create, scope, and revoke them from Settings in the Skytells Console.
Billing
The Billing page in Settings is where you manage your Skytells subscription, payment method, invoices, and cost visibility — in one place, for your entire account.