Keeping Your Account Secure
Keeping your account secure
Cloomba uses passwordless sign-in, which removes one of the most common attack vectors — weak or reused passwords. Here's what that means for your security and what you can do to stay safe.
How passwordless sign-in works
Instead of a password, you sign in via:
- Magic link — a one-time link sent to your email
- Google, Apple, or GitHub — OAuth handled entirely by those providers
There is no password to steal, guess, or reuse.
Protect your email account
Your email is the key to your Cloomba account via magic link. If someone gains access to your inbox, they could sign in as you. Use a strong, unique password on your email provider.
Protect your OAuth provider
If you sign in with Google or Apple, your Cloomba account is only as secure as that Google or Apple account. Keep those accounts protected with a strong password and any security features they offer.
Suspicious activity
If you notice unexpected RSVPs, posts, or profile changes, contact us. We can investigate and help secure your account.