Account & Login Guide

Welcome to tablrr! This guide explains how to create your account, log in securely, and manage your login methods.

Table of Contents

1. Getting Started
2. Registration
3. Logging In
4. Email Verification
5. Two-Factor Authentication (2FA)
6. Password Management
7. OAuth Social Login
8. Linking OAuth Providers
9. Managing Connected Accounts
10. Account Security
11. Troubleshooting

Getting Started

tablrr offers flexible login options to suit your preferences:

• Email and Password: Traditional registration with a unique password
• OAuth Social Login: Quick sign-up using Google or GitHub
• Two-Factor Authentication: Add an extra layer of security with authenticator apps

Registration

Register with Email and Password

1. Visit the registration page
2. Fill in the form:
   • Name: Your full name
   • Email: A valid email address you have access to
   • Password: At least 8 characters (mix of letters, numbers, and symbols recommended)
   • Confirm Password: Re-enter your password
3. Click "Register"
4. You'll receive a verification email - check your inbox and spam folder
5. Click the verification link in the email to activate your account

Register with OAuth (Social Login)

1. Visit the registration page
2. Choose your preferred provider:
   • Google
   • GitHub
3. You'll be redirected to the provider's login page
4. Sign in with your provider account
5. Grant permission for tablrr to access your basic profile information
6. You'll be automatically logged in to tablrr
7. Your account is created using your email and name from the provider

Note: If your email address is already registered with tablrr, you'll be prompted to link accounts (see Linking OAuth Providers).

Logging In

Login with Email and Password

1. Visit the login page
2. Enter your email address
3. Enter your password
4. Optionally, check "Remember me" to stay logged in
5. Click "Log in"
6. If you have 2FA enabled, you'll be prompted for a verification code

Login with OAuth (Social Login)

1. Visit the login page
2. Click the button for your linked provider:
   • Google
   • GitHub
3. You'll be redirected to the provider (may log you in automatically if already signed in)
4. You'll be logged in to tablrr immediately after signing in with your provider

Forgot Password

If you forget your password:

1. Click "Forgot your password?" on the login page
2. Enter your email address
3. Click "Email Password Reset Link"
4. Check your email for the password reset link
5. Click the link in the email
6. Enter and confirm your new password
7. Click "Reset Password"
8. You'll be logged in automatically

Note: If you registered with OAuth only (no password set), you can't use password reset. Instead, log in with your OAuth provider and add a password through your profile settings.

Email Verification

For security, you must verify your email address before using tablrr.

Verify Your Email

1. After registering, you'll see a verification notice
2. Check your email inbox (and spam folder) for a verification email from tablrr
3. Click the "Verify Email Address" button in the email
4. You'll be redirected to tablrr and your email will be verified
5. You can now access your account

Resend Verification Email

If you didn't receive the email:

1. On the verification notice page click "Resend Verification Email"
2. Wait a few minutes and check your inbox
3. Check your spam/junk folder

Note: You can only resend the verification email twice per hour to prevent abuse.

Note: If for some reason you do not receive teh verification email, not even in Spam, get in touch - support@tablrr.app

Two-Factor Authentication (2FA)

Two-factor authentication adds an extra security layer by requiring a time-based code from an authenticator app in addition to your password.

Enable 2FA

1. Log in to your account
2. Go to your profile settings
3. Find the "Two-Factor Authentication" section
4. Click "Enable Two-Factor Authentication"
5. You may be prompted to confirm your password
6. A QR code will be displayed
7. Open your authenticator app (1Password, Authy, Google Authenticator, etc.)
8. Scan the QR code with your authenticator app
9. Enter the 6-digit code from your authenticator app to confirm setup
10. Important: Save your recovery codes in a secure location (see below)
11. Click "Confirm" to finish enabling 2FA

Recovery Codes

When you enable 2FA, you'll receive 8 recovery codes. These are critical:

• Purpose: Use these if you lose access to your authenticator app
• Storage: Store them securely (password manager, secure note, printed copy)
• One-time use: Each code can only be used once
• Generate new codes: You can regenerate codes from your profile settings

Warning: If you lose both your authenticator app and recovery codes, you may be locked out of your account permanently. Keep your recovery codes safe!

Using 2FA to Login

Once 2FA is enabled:

1. Enter your email and password on the login page (or use OAuth)
2. Click "Log in"
3. You'll be redirected to the 2FA challenge page
4. Open your authenticator app and get the current 6-digit code
5. Enter the code
6. Click "Verify"
7. You'll be logged in

Using Recovery Codes

If you can't access your authenticator app:

1. On the 2FA challenge page, click "Use a recovery code"
2. Enter one of your 8 recovery codes
3. Click "Verify"
4. You'll be logged in
5. Important: The recovery code is now used and won't work again
6. Consider regenerating new recovery codes from your profile

Disable 2FA

To turn off 2FA:

1. Log in to your account
2. Go to your profile settings
3. Find the "Two-Factor Authentication" section
4. Click "Disable Two-Factor Authentication"
5. You'll be prompted to confirm your password for security
6. Confirm the action
7. 2FA is now disabled

Note: We recommend keeping 2FA enabled for maximum account security.

Password Management

Change Your Password

To update your password:

1. Log in to your account
2. Go to your profile settings
3. Find the "Update Password" section
4. Enter your current password
5. Enter your new password (at least 8 characters)
6. Confirm your new password
7. Click "Save"
8. Your password is updated

Add Password to OAuth-Only Account

If you registered with OAuth (Google or GitHub) and want to add a password:

1. Log in with your OAuth provider
2. Go to your profile settings
3. Find the "Add Password" section (only visible if you don't have a password)
4. Enter a new password (at least 8 characters)
5. Confirm your new password
6. Click "Add Password"
7. You can now log in with email and password OR OAuth

Password Requirements

For security, passwords must:

• Be at least 8 characters long
• Mix uppercase and lowercase letters (recommended)
• Include numbers (recommended)
• Include special characters (recommended)
• Not be a commonly used password

OAuth Social Login

OAuth allows you to log in using your existing accounts with Google or GitHub.

Supported Providers

• Google: Use your Gmail or Google Workspace account
• GitHub: Use your GitHub account

Benefits of OAuth

• Faster registration: No need to create another password
• Easy login: Click one button to log in
• Secure: Leverages provider's security (2FA, biometric login)
• Profile sync: Your name and avatar are automatically imported
• No password to remember: Provider handles the login process

OAuth Privacy

When you use OAuth, tablrr only requests:

• Your email address
• Your name
• Your profile picture (optional, used as avatar)

tablrr does NOT do anything else.

You can revoke tablrr's access at any time through your provider's security settings.

Linking OAuth Providers

If you try to log in with an OAuth provider, and that email address already exists in tablrr:

1. You'll see an account linking prompt
2. The message will say: "An account with this email already exists. Would you like to link this [Provider] account to your existing account?"
3. You have two options:
   • Link Account: Click this to proceed with linking (requires password confirmation)
   • Cancel: Return to login page without linking

Password Confirmation for Linking

For security, linking an OAuth provider to an existing account requires password confirmation:

1. Click "Link Account" on the prompt
2. A modal will appear asking for your password
3. Enter your current account password
4. Click "Confirm"
5. If the password is correct, the provider will be linked
6. You'll be logged in immediately
7. You'll see a success notification

If you cancel: You'll return to the login page. The next time you try to log in with that provider, you'll see the linking prompt again. Your cancellation is NOT remembered.

Note: If you don't have a password (OAuth-only account), you can't link additional providers through the login page. Instead, log in with your existing provider and link new ones through profile settings.

Managing Connected Accounts

View and manage all your linked OAuth providers in one place.

View Connected Providers

1. Log in to your account
2. Go to your profile settings
3. Find the "Connected Accounts" section
4. You'll see a list of all connected providers
5. Each provider shows:
   • Provider name and icon
   • Date when it was connected
   • "Disconnect" button

Disconnect OAuth Provider

To remove an OAuth provider from your account:

1. Go to the "Connected Accounts" section in profile settings
2. Find the provider you want to disconnect
3. Click "Disconnect"
4. A confirmation modal will appear
5. Click "Confirm" to proceed
6. The provider will be removed from your account
7. You can no longer log in with that provider

Safety Check: You cannot disconnect a provider if it's your last login method. The system will show an error:

"Cannot disconnect your last login method. Please set a password first or connect another OAuth provider."

This prevents you from locking yourself out of your account.

Best Practices

• Link multiple providers: Having 2-3 login methods provides backup options
• Add a password: Even if you use OAuth, adding a password gives you a fallback
• Keep one provider connected: Never disconnect all providers if you don't have a password
• Use 2FA: Enable 2FA for maximum security regardless of login method

Deleting an Account

To permanently delete your account:

1. Log in to your account
2. Go to your profile settings
3. Find the "Delete Account" section
4. Click "Delete Account"
5. You'll be prompted to confirm your password
6. Enter your password
7. Confirm the action
8. Your account and all data will be permanently deleted

Warning: Account deletion is permanent and cannot be undone. All your data will be erased.

Account Security

1. Use a strong password: At least 12 characters with mixed case, numbers, and symbols
2. Enable 2FA: Adds critical extra security layer
3. Don't reuse passwords: Use a unique password for tablrr
4. Save recovery codes: Store them securely when enabling 2FA
5. Use a password manager: Tools like 1Password or Bitwarden help manage passwords
6. Keep email secure: Your email account is the key to resetting your password
7. Log out on shared devices: Don't stay logged in on public computers

Troubleshooting

I forgot my password and don't have OAuth linked

1. Use the "Forgot your password?" link on the login page
2. Enter your email address
3. Check your email for the password reset link
4. Follow the instructions to create a new password

I can't verify my email

Issue: Verification email not received

• Check your spam/junk folder
• Ensure the email address is correct in your profile
• Click "Resend Verification Email" on the verification prompt
• Wait a few minutes for delivery
• Add noreply@tablrr.app to your contacts and try again

Issue: Verification link expired

• Verification links expire after 60 minutes
• Click "Resend Verification Email" to get a new link

I lost my authenticator app and recovery codes

If you've lost access to both your authenticator app AND your recovery codes:

1. You may be locked out of your account
2. Contact support at support@tablrr.app with:
   • Your email address
   • Proof of identity (e.g., reply from the email address)
   • Date when you created your account (approximate)
3. I may be able to disable 2FA manually after verifying your identity

Prevention: Always save your recovery codes in a secure location when enabling 2FA.

I'm getting "Too many login attempts"

You've exceeded the rate limit (5 attempts per minute). This is a security feature.

Solution:

• Wait for the countdown timer to reach zero
• Try logging in again
• If you keep getting locked out, verify you're using the correct password
• Use the "Forgot your password?" link if needed

OAuth provider login fails

Issue: "Invalid redirect URI"

• The OAuth app configuration may have changed
• Contact support if the issue persists

Issue: "App not approved" or "Permission denied"

• The OAuth provider's app may be in development mode
• This is usually a temporary setup issue
• Try again later or use email/password login

Issue: "Email not provided by provider"

• Some providers require explicit email permission
• Try disconnecting and reconnecting the provider
• Ensure your provider account has a verified email address

I can't disconnect an OAuth provider

Issue: "Cannot disconnect your last login method"

You can't disconnect a provider if:

• It's your only OAuth provider, AND
• You don't have a password set

Solution:

1. Go to your profile settings
2. Add a password using the "Add Password" section
3. After adding a password, you can disconnect the OAuth provider
4. Alternatively, link another OAuth provider first, then disconnect

I want to change my email address

To change your email:

1. Go to your profile settings
2. Update your email in the "Profile Information" section
3. Click "Save"
4. Your email verification status will be reset
5. Verify your new email address using the verification link sent to the new email

Note: Changing your email doesn't affect your OAuth logins, but you should ensure the new email matches your OAuth provider email for consistency.

I'm locked out of my account

Common reasons and solutions:

1. Forgot password: Use password reset flow
2. Lost 2FA codes: Use recovery codes or contact support
3. Email verification pending: Check email and verify
4. Account suspended: Contact support
5. Too many failed attempts: Wait for rate limit to reset

Next Steps

Now that you understand how account login works:

1. Complete your profile in profile settings
2. Enable 2FA for enhanced security
3. Start using tablrr to manage your affiliate marketing data
4. Explore the dashboard and other features

Thank you for using tablrr!