Personal security

Account security.

Manage multi-factor authentication, recovery access, and the devices currently signed in to Tarnova.

{{ $user->hasEnabledTwoFactorAuthentication() ? 'Protected' : 'Protection recommended' }}

Account protection

{{ $user->hasEnabledTwoFactorAuthentication() ? 'Second factor active' : 'Password only' }}

Active sessions

{{ count($activeSessions) }} active {{ count($activeSessions) === 1 ? 'session' : 'sessions' }}

Backup access

{{ $user->hasEnabledTwoFactorAuthentication() ? count($user->two_factor_recovery_codes ?? []) . ' recovery codes' : 'Generated after setup' }}

Authenticator app

Multi-factor authentication

Use Google Authenticator, Microsoft Authenticator, 1Password, Authy, or another TOTP app.

@if (! $user->hasEnabledTwoFactorAuthentication() && ! $pendingSecret)
Secure password sign-ins with a second step. You will scan a QR code, confirm a six-digit code, then save recovery codes.
@csrf
@endif @if ($pendingSecret)
1. Scan QR 2. Confirm code 3. Save recovery codes
{!! $qrSvg !!}

Scan this QR code in your authenticator app, then enter the six-digit code to finish setup.

Manual setup key

{{ $pendingSecret }}
@csrf
@endif @if ($user->hasEnabledTwoFactorAuthentication())
MFA is active. Enabled {{ $user->two_factor_confirmed_at?->format('d M Y H:i') }}
@endif
@if ($recoveryCodes)

Save now

Recovery codes

These codes are shown once. Store them in a password manager or another secure location.

@foreach ($recoveryCodes as $code) {{ $code }} @endforeach

Treat these like passwords. Each code works once and cannot be viewed again later.

@endif

Devices

Active sessions

Review where your account is signed in and revoke sessions you no longer trust.

@if ($otherSessionCount > 0) {{ $otherSessionCount }} other {{ $otherSessionCount === 1 ? 'session' : 'sessions' }} @endif
@forelse ($activeSessions as $session)

{{ $session['browser'] }} on {{ $session['platform'] }}

@if ($session['is_current']) Current browser @endif

{{ $session['device'] }} · {{ $session['ip_address'] }}

Last active {{ $session['last_activity_human'] }}
@empty
No active sessions found. Session visibility requires database-backed sessions.
@endforelse
@if ($otherSessionCount > 0)
@csrf @method('DELETE')
@else
No other signed-in devices were found.
@endif