Account Security

This page is for the part of account work where a small mistake can feel bigger than it is, mostly because the stakes are obvious: you are changing the ways you get back in.

Maybe you want to change your password. Maybe you are adding an authenticator app. Maybe you saw a sign-in method you no longer use and your first instinct was to remove it. The Security page is where those controls live.

Use it carefully. Security is not just a list of preferences. It controls the ways you can get back into your Axiom account.

The good first move is simple: before you remove or change anything, make sure you still have at least one sign-in method you trust, an email inbox you can reach, and your authenticator app nearby if MFA is involved. Security work goes better when you know the way back before you touch the door.

Before you change anything

Start here, even if you already know what you came to do.

• You need to be signed in before Security opens.

• If you cannot sign in, start with Login or Forgot Password instead.

• Keep at least one usable sign-in method on the account.

• Keep access to the email inbox connected to the account before changing password or email settings.

• Have your authenticator app ready before starting MFA setup or completing an extra authenticator check.

• Wait for the visible success, error, or next-step message before assuming a change is finished.

That last point matters. Some security changes have a second step. A password change may need an email code. An email change has to be finished through email. Authenticator app setup is not done just because a QR code appeared on screen.

Before you press a button that removes, changes, verifies, or signs out, ask four plain questions:

• If this change works, what state should I see next?

• If this change signs me out, do I know how I will sign back in?

• If the page asks for email or authenticator verification, do I have that ready?

• If something looks wrong, what exact message will I need to report?

That may feel slow. It is much faster than trying to reconstruct what happened after the page has already moved on.

What Security is for

Use Security when the job is about getting into the account safely.

Security is where you manage:

• Sign-in methods

• Password

• Email address

• Authenticator app

• Session controls

• Extra check needed, when the current session needs another authenticator code

Use Account for profile-facing details such as display name and TradingView username context. Use Security for the account login itself.

If you are not sure which page owns the thing you are trying to fix, use this split:

Security is not an account-recovery bypass, and it is not an admin page. It can help you manage supported self-serve controls while you still have access to the account.

It also is not a billing, subscription, checkout, or TradingView access page. Signing out a session does not cancel a subscription. Changing a sign-in method does not change product access by itself. Keep those jobs separate so you do not chase the wrong problem.

Open Security

1. Sign in to Axiom.

2. Open the dashboard.

3. If you are on a small screen, open Open dashboard menu.

4. Choose Security near Account.

5. Wait for the page header to show Security.

The page may briefly show Loading security settings.... Let that clear before deciding a control is missing.

If loading does not clear, refresh once. If it still does not clear, stop and keep the visible state or error message. A stuck security page is not a good place to guess.

If the site sends you to Login, the dashboard does not have a signed-in session to use. Sign in first, then return to Security.

If the site sends you to MFA check, enter the current code from your authenticator app. That check is about the current session proving it has the second factor before continuing.

Read Sign-in methods first

Sign-in methods shows the ways currently linked to the account. Think of each row as a door back in.

Each method can show:

• the provider label,

• when it was last used, or not recently,

• a Remove button when removal is allowed.

Do not start by removing things. Read the list first and ask the boring but important question: "If I remove this, how will I sign in next time?"

Last used not recently is a clue, not a verdict. It does not prove the method is bad, and it does not prove the method is safe to delete. If you are cleaning up old methods, first make sure another method has actually worked for you.

If the page shows No sign-in methods found, do not treat that as permission to keep clicking around. Refresh once if the page looks stale. If the empty state keeps showing and the account state does not make sense, preserve the exact message before asking for help.

Link another sign-in method

Use this when you want another provider-based way to sign in.

1. Open Security.

2. Find Sign-in methods.

3. Under Add another sign-in method, look for an available Link {provider} button.

4. Select the provider you want to link.

5. Complete the provider handoff if the site sends you away from Axiom.

6. Return to Security and check that the method now appears in the list.

Only providers shown on the page are available to link from that state. The website may support more provider types internally than it offers to you on screen, so do not assume a missing provider button means something broke.

The handoff matters. If the provider asks you to sign in, approve, or confirm something on its own screen, finish that step there and come back to Security. Axiom can start the link, but the provider still has to accept its part of the work.

If the page says every available sign-in method is already connected, there is no additional provider method to add from that section right now.

After a successful link, Security may show a message that the provider is now connected. Still read the list. The list is the part that tells you what the account can currently use.

If the handoff does not return you cleanly, sign back in if needed, open Security again, and check the list before trying the same link repeatedly. The list is more useful than your memory of the handoff screen.

Remove a sign-in method

This is the section to move slowly through.

1. Open Sign-in methods.

2. Confirm another usable sign-in method remains on the account.

3. Select Remove on the method you no longer want.

4. Wait for the Security page to refresh the list.

5. Confirm the method you removed is gone and another way in still remains.

If Remove is disabled, that can be the correct state. The page blocks removing the last usable sign-in method. The button is not broken. It is protecting the account from being stranded.

Do not remove a method just to test whether another one works. First sign in successfully with the method you plan to keep, then come back to Security if you still want to clean up the old one. If you cannot prove another method works, keep the current one in place.

Change your password

Use Password when you are already signed in and want to change the password for this account.

Before you start, your new password needs:

• 12 or more characters,

• at least one letter,

• at least one number,

• something more than blank spaces.

The page does not require symbols or mixed case based on the current rules. It does require the two password fields to match.

To change the password:

1. Open Security.

2. Find Password.

3. Enter the new password in New password.

4. Enter the same password in Confirm password.

5. Select Save password.

6. Read the visible message after the save finishes.

If the password fields have show/hide controls, use them if you need to check what you typed. That is often better than guessing and submitting two slightly different passwords.

If the page says the change needs a fresh code, use Email verification code. Check your email, enter the code in Verification code, then select Save password again.

That code step is not the same thing as a permanent failure. It means the current password change needs a fresher email check before it can finish.

After you request the code, work from the email message you receive and the current dashboard form. Do not assume the password changed until Security shows the success message or the next required step.

If you cannot sign in at all, do not use this dashboard password flow. Start with Forgot Password.

Request an email change

Use Email address when you want to request a change to the account email.

1. Open Security.

2. Find Email address.

3. Read the current Account email.

4. Enter the new email address in Account email.

5. Select Request email change.

6. Check email to finish the change.

The important word is request.

Selecting Request email change does not mean every dashboard surface instantly switches to the new email. The page can tell you to check email because the change still needs follow-through outside the dashboard.

Until the email follow-up is complete, treat the account email as in transition. Do not build another security change on the assumption that the new address is already active everywhere.

If Account email shows Not available, pause before making assumptions about the account. The current session does not have an email value to show there. If the signed-in account feels wrong, sort that out before changing security settings.

Do not guess which inboxes need confirmation beyond what the email itself tells you. The source-supported instruction is simpler: request the change, then check email and follow the message you receive.

Set up authenticator app MFA

Use Authenticator app to add an extra sign-in step with an authenticator app.

Before starting, install or open an authenticator app that can scan a QR code or accept a setup secret. Keep it available until the setup is verified.

To turn on authenticator app MFA:

1. Open Security.

2. Find Authenticator app.

3. Read whether the extra sign-in step is currently on or off.

4. Read whether the current session is fully verified or still needs a code.

5. Use the default Factor label, or change it if you want a clearer name.

6. Select Start setup.

7. Scan the QR code with your authenticator app, or enter the displayed secret into the app.

8. Enter the current 6-digit code from the app.

9. Select Verify and enable MFA.

10. Wait for Security to refresh and show that the authenticator app is turned on.

Scanning the QR code is not the finish line. It only gives your authenticator app the setup information. The account does not finish enabling that factor until the current 6-digit code verifies.

Treat the QR code and setup secret like private security material. Do not send them in a support screenshot, paste them into a message, or leave them open longer than you need to finish setup.

The Factor label is just a label for the authenticator factor. It is not a backup method, recovery code, or second email address.

After MFA is enabled, keep the authenticator app reachable before signing out of other devices. Future sign-ins or sensitive sessions may need a current code.

Remove authenticator app MFA

If a verified authenticator factor exists, the Authenticator app section can show it with Remove factor.

1. Open Authenticator app.

2. Find the verified factor you want to remove.

3. Select Remove factor.

4. Wait for the Security page to refresh.

5. Read the new MFA state before leaving the page.

Removing the factor changes the account's extra sign-in setup. Do not remove it unless you understand how you will sign in afterward.

This page does not show backup codes or a recovery-code flow. Do not invent one in the moment. If the authenticator state does not make sense, gather the visible message and ask for help rather than trying to force a workaround.

If removing the factor turns the extra sign-in step off, read that state before leaving the page. The goal is not just to remove the row. The goal is to know what protection the account has after the row is gone.

Complete Extra check needed

Extra check needed can appear when the current browser session needs an authenticator code before continuing.

This does not automatically mean MFA setup failed. It can simply mean this session has not passed the current authenticator check yet.

To complete it:

1. Open your authenticator app.

2. Enter the current code in Authenticator code.

3. Select Verify authenticator code.

4. Let the site route you back into the dashboard flow.

If you are on MFA check instead of the Security page, the shape is similar: enter Authenticator code, then select Verify code. While it is processing, the button may say Verifying....

If the MFA check says it cannot find a verified authenticator app on the account, do not treat that as a prompt to bypass security. Preserve the message. You may need help understanding the account's MFA state.

If the same code is rejected more than once, slow down and use the current code shown in the authenticator app. If the error keeps returning, the exact message matters more than another blind retry.

Use Session controls

Session controls is for signing out active sessions. Choose the button by the result you want, not by which one sounds strongest.

These controls affect sign-in sessions. They do not cancel billing, remove product access, or change a subscription.

Use Sign out other sessions when this browser is the one you trust and you want to close sessions somewhere else.

Use Sign out everywhere when you want the broader reset and are ready to sign in again. Do not press it casually while you are halfway through another security change.

The page can confirm when other active sessions were signed out. Do not assume every other device redraws its state at the exact same instant.

If you are worried about an old device or browser, Sign out other sessions is usually the calmer first move when you still trust the browser you are using now. Sign out everywhere is stronger, but it includes the current browser too.

If something looks stuck

Use the visible state to choose the next honest check.

The useful habit is to avoid turning a pending state into a story. Read the page first. It usually tells you whether the next move is email, an authenticator code, a refresh, signing in again, or asking someone to look at the account state.

When to ask for help

Ask for help when the dashboard no longer gives you a safe self-serve next step.

That usually means one of these:

• Sign-in methods are missing or do not match what you expected after refresh.

• You cannot keep at least one usable sign-in method on the account.

• A provider handoff does not return you to Security cleanly.

• Password change keeps asking for a code or returning the same error.

• Email change says to check email, but the next step still does not make sense after you read the email.

• MFA setup is stuck after the QR code step.

• The authenticator code is repeatedly rejected.

• The page says the session needs a code, but you cannot complete the check.

• Session sign-out did not produce the state you expected.

Before asking for help, gather the boring facts. They are what make the report useful:

• the account email you can still access,

• the exact section you were using, such as Password or Authenticator app,

• the exact visible message,

• the sign-in method or provider involved,

• whether you can still access the current dashboard session,

• whether an email code or authenticator code is pending,

• what you selected immediately before the state changed,

• whether you were sent to Login, MFA check, or back to the dashboard.

Support can look at an account state that does not add up. Do not treat support as a way around sign-in, email confirmation, provider verification, or MFA.

What you should know when you are done

After a clean pass through Security, you should be able to say:

• which sign-in methods are linked,

• whether another provider method is available to link,

• whether a Remove button is disabled because it is protecting the last way in,

• whether your password changed or still needs an email code,

• whether your email change request still needs email follow-up,

• whether authenticator app MFA is off, on, or waiting for verification,

• whether the current session still needs an authenticator code,

• which session sign-out action you used.

That is the point of the page: not to make security feel dramatic, but to make the next step visible enough that you do not have to guess.

Related pages

• Security

• Account

• Login

• Forgot Password

• MFA check

• Account Profile