A few minutes of setup keeps your shifts, messages, and payment info safe.
Enable two-factor
- User Settings → Security → Two-factor authentication.
- Choose authenticator app (recommended) or SMS.
- For authenticator: scan the QR code into Google Authenticator, Authy, 1Password, etc. Enter the 6-digit code to confirm.
- For SMS: enter your phone, confirm the code we text you.
- Save your backup codes somewhere safe (password manager). Each code is single-use.
Strong password
12+ characters, unique to ShiftSee. A password manager makes this easy.
What to do if you suspect a takeover
- Change your password immediately from User Settings → Security.
- Sign out all sessions from User Settings → Security → Active sessions.
- Email security@shiftsee.com with as much detail as you can: timestamps of suspicious activity, last known good login, what you noticed.
- Your payment methods can't be re-pointed by a thief without re-verifying the card or bank, but they can send shift requests on your behalf, so locking down quickly is critical.
Phishing red flags
- Email from a not-quite-shiftsee.com domain (e.g.,
shiftsee-support.com). - Links to "log in to verify" — we never ask you to do that via email.
- Urgent threats ("your account will be deleted in 24 hours").
When in doubt, navigate to https://shiftsee.com directly and check your messages there. Real platform notices appear in-app.