Keep your account safe

Simple steps to protect your store, your team, and your customers.

5 min readUpdated 14 May 2026

Your store has money flowing through it and customer data inside it. A few small habits go a very long way toward keeping it all safe.

The essentials

  1. 1

    Sign in with the right email

    There are no passwords to remember — your store uses a passwordless flow. When you sign in, you enter your email and we send you a one-time verification code. Use an email address only you have access to, and treat the code like a password (don't share it).

  2. 2

    Keep your email account secure

    Since the verification code goes to your email, your email account is effectively your store's front door. Use a strong, unique password on your email, and turn on two-factor authentication if your provider supports it.

  3. 3

    Be careful what you click

    If you get an email asking you to sign in or share information, double-check the sender. We will never ask for your verification code by email, chat, or phone.

  4. 4

    Review your team regularly

    Every few months, open Team from your avatar menu and check who has access. Remove anyone who is not actively working with you anymore.

  5. 5

    Keep your devices up to date

    Run updates on your phone and computer regularly. Most security issues are fixed by updates that take a couple of minutes.

What we do on our side

  • Encrypt all data in transit so nothing can be snooped on its way to and from your dashboard
  • Use passwordless sign-in, so there is no password to leak or guess
  • Send fresh, short-lived verification codes for every sign-in
  • Run regular security reviews of our systems and software
  • Keep automatic backups of your data so it is never lost

We will never ask for your verification code

No real support team — ours or anyone else worth trusting — will ever ask you to share your sign-in code by email, chat, or phone. If anyone does, do not share it and let us know.

Frequently asked questions

What if I think someone got into my account?

Sign in yourself first to take back the session, then contact support — we can review activity, sign out other sessions, and lock things down while we investigate. Also reset your email account's password, since that is where the sign-in codes are delivered.

There is no password — what's my second factor?

Your email is the second factor by design. The first factor is knowing your email address; the second is being able to receive the one-time code we send to it. Keep your email account tight (strong password, two-factor authentication on the provider) and your store is well protected.

What about my customer data?

Customer data lives behind your account. Anyone with access to your dashboard can see it, so be careful with who you give access to and what roles you give them.

Do you have a privacy policy?

Yes. Our privacy policy explains exactly what data we collect and why, and your store should have its own privacy policy that tells your customers the same.

Back to Account & teamShare this article

Still need a hand?

Our friendly support team usually replies within a few hours. We are happy to help — no question is too small.

Contact support