Signing In

Overview

Remy supports two ways in: email + password, or Google. You pick one when you sign up; the other is wired automatically. After that, two-factor authentication and a sessions view are available for additional protection and oversight.

Email and Password

Standard sign-up flow. Provide an email, set a password, verify the email, and you're in. Future sign-ins use the same email and password.

If you forget your password, the Forgot password? link on the sign-in screen sends a reset link to your email.

Google Sign-In

Click Sign in with Google on the sign-in screen, pick a Google account, and you're in. Sign-in works whether your account was originally created with email or with Google — Remy links the two as long as the email matches.

For users who sign up with Google, a Remy account is created on the spot. If you grant Google's contacts permission at the same step, your contact book starts populating immediately. See Google Sync for what's set up for you.

Two-Factor Authentication

Two-factor authentication (2FA) adds a second step at sign-in: after your password (or Google login), Remy asks for a one-time code from your authenticator app.

Enabling 2FA

Open Settings → Security and click Enable two-factor authentication.

1. Scan the QR code with your authenticator app (Google Authenticator, 1Password, Authy, etc.).
2. Type the 6-digit code from the app to confirm pairing.
3. Save the backup codes Remy shows you next.

The backup codes are a one-time download. Store them somewhere your password manager covers, like a 1Password secure note or a printed copy in a safe. They are how you get back into your account if you lose your authenticator device.

Signing In With 2FA

After your password (or Google), Remy asks for a 6-digit code. Open your authenticator app, type the current code. If you can't reach the app, click Use a backup code and type one of the codes you saved. Each backup code works exactly once.

Disabling 2FA

From Settings → Security, enter your password to confirm and disable 2FA. Backup codes are invalidated immediately. Re-enabling later issues a new set.

Active Sessions

Open Settings → Security → Active sessions to see every device currently signed in to your account: browser, OS, approximate location, and the time of the last activity.

To revoke a session, click Sign out next to it. The device is signed out on its next request to Remy. Your current session is marked This device and stays signed in.

Use this when:

• You signed in on a shared computer and forgot to sign out.
• You see a session you don't recognize.
• A device was lost or stolen.

What Gets Logged

Sign-in activity is recorded by your authentication provider rather than the in-app Activity Log — the Activity Log focuses on data mutations against your account, not authentication events. Sessions and 2FA changes are visible directly under Settings → Security.

Frequently Asked Questions

What if I lose my authenticator and my backup codes?

Contact support. Recovery without backup codes requires identity verification and isn't guaranteed. Save your backup codes when you enable 2FA — that's the path designed for this case.

Can I use a hardware key (YubiKey) for 2FA?

Not today. TOTP authenticator apps are the only second-factor method supported. Hardware-key support is on the roadmap.

Does signing out from one device sign me out everywhere?

No. Sign out signs out the current device only. Use Active sessions to revoke other devices individually.

How long does a session stay active?

Sessions remain valid until you sign out, revoke them from the active sessions list, or change your password. There's no fixed expiration.

Is my password changeable?

Yes — Settings → Security → Change password. You'll need your current password to set a new one. If you're signed in via Google and never set a password, you can establish one through the same screen.