# Keeping your account secure

Overleaf provides a number of features to keep you informed about any changes to your account. If you have any questions about suspicious activity on your account, please [contact us](https://www.overleaf.com/contact).

## Requests for sensitive account information

Employees of Overleaf will never ask you to provide your password or complete billing information to us via our support channels. If you receive such a request, it will not have come from us and is not legitimate. You can treat any such messages as phishing attempts.

## Resetting your password

If you believe your Overleaf account password may have been compromised, or would like to change it for any other reason, follow these steps:

1. If you know your current Overleaf password, you can change the password on your [Account Settings page](https://www.overleaf.com/user/settings).
2. You can reset your password by entering your account's primary email address at our [password reset page](https://www.overleaf.com/user/password/reset). If there's an Overleaf account with a matching primary email address, we'll send an email with instructions to reset your password. If you don't receive the password reset instructions within a few minutes, please check your spam/junk folders, as well as any filters you may have set up, for any messages from `welcome@overleaf.com`.
3. We recommend that you set (or reset) a strong password that is not shared with any other site. Using a free password manager is a good approach.

If you use another method for logging in to Overleaf, for example Institutional Login, "Log in with ORCID", or similar, you can manage your password through those services.

## Checking for other active sessions on your account

If you are concerned that someone else may have access to your account, click on **Account** > **Account Settings** from your Dashboard page. Scroll down to the **Sessions** section and click on **Manage your sessions**. Click the **Clear Sessions** button below to log out of all sessions besides your current session. You may also want to reset your password on the [Account Settings page](https://www.overleaf.com/user/settings).

## Email notifications about changes to your account

We'll send you email notifications about certain changes to your account settings. Make sure that the primary email associated with your Overleaf account is up-to-date, accessible to you, and can receive emails from `welcome@overleaf.com`. To change add or update your email address, use the instructions at [Changing email addresses associated with your account](/accounts-and-security/email-address-and-login-options.md#changing-email-addresses-associated-with-your-account).

Here are some examples of changes to your account settings that result in an email notification:

* Changing your account's primary email address
* Adding a secondary email address to your account
* Linking your Overleaf account with a third-party service such as Google, ORCID, Dropbox, or GitHub
* Linking your Overleaf account with an institutional single sign-on provider (available if you're a member of selected institutions)
* Clearing your Overleaf account's active sessions

{% hint style="danger" %}
If you receive an email notification for an account change that you don't recognize, please [contact us](https://www.overleaf.com/contact) right away so we can investigate. It's also good practice to [reset your password](#resetting-your-password) and check for any active sessions if you are notified of activity that you do not recognize.
{% endhint %}

## Your responsibilities

While Overleaf provides features to help you keep your account secure, you must use your Overleaf account in a secure way in order to keep your projects and personal identification safe. Overleaf's [Terms of Service](https://www.overleaf.com/legal) note that you are responsible for maintaining and protecting all of your stuff.

<details>

<summary>Do not share your Overleaf account</summary>

Every Overleaf user **must** have their own individual account.

Sharing an Overleaf account is not the correct way to collaborate on a project or to provide premium features to multiple users.

To collaborate with others on a document, use Overleaf's [sharing options](/collaborating/sharing-a-project.md). If you are part of a team using Overleaf, each team member gets their own account. Team members' accounts might join a [group subscription](/subscriptions-payments-and-billing/group-subscription.md) to gain access to premium features which allow multiple collaborators.

</details>

<details>

<summary>Take care using shared devices</summary>

If you are using a shared device in your home, lab, library, or other location, please make sure to sign out of your Overleaf account when you are done with your work.

</details>

<details>

<summary>Use a secure login method</summary>

Overleaf offers multiple login methods. If you are using the email and password-based login method, you must use a strong password. We recommend using a password manager and setting up a unique password for your Overleaf account.

Overleaf also provides [options](/accounts-and-security/email-address-and-login-options.md#overleaf-login-options) to log in with Google or ORCID. For some types of subscriptions, Overleaf offers Single Sign-On (SSO) options.

</details>

<details>

<summary>Make sure you can access your primary email address</summary>

Important security notifications and password-reset links are sent to your primary email address. It is essential that your primary email address is always set to be one that you can access. If you are leaving an institution or changing your email address, be sure to [update the primary email address](/accounts-and-security/email-address-and-login-options.md#your-primary-email-address-is-important) on your Overleaf account before you lose access to your current email address.

</details>

<details>

<summary>Allow emails from welcome@overleaf.com</summary>

As described above, you may receive important email notifications about your account. If you mark emails from `welcome@overleaf.com` as spam or junk, you may not receive important notifications about your Overleaf account. We ask that you be sure to check that these emails are not being sent to your spam or junk folder, and that you do not mark these as spam.

</details>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.overleaf.com/accounts-and-security/keeping-your-account-secure.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.