Your MateFlow account is split into two areas: your public profile, which other members see, and your private security settings, which control how you sign in and keep your account safe. Both live under Settings.
Editing your profile
Open Settings → Profile (or use the Edit profile button on your own profile page). From here you can set:
- Avatar and cover image — upload and crop both directly on the page.
- Display name (up to 50 characters) and an optional headline (up to 100).
- Bio (up to 255 characters) and location.
- Social links — up to five, from Twitter/X, LinkedIn, GitHub, Instagram, YouTube, TikTok, Facebook, or a custom URL.
If your community admin has defined additional profile fields, they appear as their own section — these can be text, URLs, dates, or single- and multi-select choices, and some may be required. Changes save only when there is something new to persist, and each section has its own save button.
Changing your username
Your username forms your profile URL (shown as yourdomain/@username). In the Username section, type a new handle — 3–30 lowercase characters — and MateFlow checks availability live as you type. Because a change updates your public link, you are asked to confirm before it takes effect.
Account and sign-in
Open Settings → Security to manage how you access your account:
- Email — change your address by confirming your current password. A verification message is sent to the new address, and the change stays pending until you confirm it; you can resend the verification if needed.
- Password — set a password (if you only signed up with a social account) or change an existing one. Changing it requires your current password, and the new password must differ.
- Linked accounts — connect or disconnect social sign-in providers. You cannot unlink your last sign-in method unless a password is set.
Protecting your account
MateFlow offers layered security controls on the same page.
| Feature | What it does |
|---|---|
| Two-factor authentication (2FA) | Adds an authenticator-app code at sign-in. Scan the QR code (or enter the manual key), then save your one-time recovery codes for backup access. |
| Login alerts | Notifies you on a new device, a new location, or repeated failed attempts. |
| Trusted devices | Once 2FA is on, mark a device as trusted to skip codes on it for a limited time; revoke any device at any point. |
| Active sessions | See where you are signed in, spot your current session, and revoke all other sessions in one click. |
The security page also lets you export your data and, in the Danger zone, delete your account. Deep links such as /settings/security#two-factor scroll straight to the relevant section.
Next steps
- Turn on 2FA and store your recovery codes somewhere safe before you need them.
- Review notifications and announcements to fine-tune what reaches you.
- Community owners can manage members and roles from the admin tools.