Two-Factor Authentication

How Provisio Authentication Works

Provisio uses passwordless authentication, which is inherently more secure than traditional passwords. Instead of remembering a password that could be stolen or guessed, you receive a secure, one-time link via email each time you sign in.

Why Passwordless is Secure

• No password to steal — Attackers can't steal or guess a password that doesn't exist
• No password reuse — You can't accidentally use the same password across multiple sites
• Time-limited links — Sign-in links expire quickly and can only be used once
• Email as second factor — Access requires control of your email account, providing built-in two-factor security

Protecting Your Email

Since your email is used for authentication, keeping it secure is essential:

• Enable 2FA on your email — Use two-factor authentication on your email provider (Gmail, Outlook, etc.)
• Use a strong email password — Your email password should be unique and complex
• Watch for phishing — Only click sign-in links you requested; Provisio will never ask for your password

Session Security

• Sessions expire after a period of inactivity
• You can sign out from all devices in Settings
• Suspicious activity triggers automatic session termination

Reporting Security Issues

If you notice any suspicious activity on your account or believe your account may be compromised, contact us immediately at security@provisio.app