Changing Password & Email
Changing Password & Email
StratBase.ai uses multi-step verification flows for changing sensitive account data. Each step requires a verification code.
Changing Your Password (2-Step)
Step 1 — Initiate
- Go to Settings → Profile → Security
- Click "Change Password"
- Enter your current password
- A 6-digit verification code is sent to your email
Step 2 — Confirm
- Enter the verification code from your email
- Enter your new password (min 8 characters)
- Confirm the new password
- Click "Change Password"
Note: The verification code expires in 15 minutes and allows up to 5 attempts.
After Changing Password
- All existing sessions are invalidated (you'll need to log in again on all devices)
- 24-hour cooldown on affiliate payouts
- 7-day cooldown on username changes
- A confirmation email is sent with a "This wasn't me" link for emergency lock
Changing Your Email (3-Step)
Step 1 — Initiate
- Go to Settings → Profile → Security
- Click "Change Email"
- A verification code is sent to your Telegram (if linked) or current email
Step 2 — Verify Identity
- Enter the code from Step 1
- Enter your new email address
- A second verification code is sent to the new email
Step 3 — Confirm New Email
- Enter the code sent to your new email
- The email change is complete
Note: You cannot change your email within 24 hours of changing your password.
After Changing Email
- 24-hour cooldown on affiliate payouts
- 7-day cooldown on username changes
- Old email receives a notification about the change
Verification Code Details
| Property | Value | |----------|-------| | Format | 6-digit numeric code | | Expiration | 10–15 minutes | | Max Attempts | 5 per code | | Storage | SHA-256 hashed (codes are never stored in plain text) |
FAQ
Q: I didn't receive the verification code? A: Check your spam folder. If still missing, wait a few minutes and request a new code.
Q: What if I forgot my current password? A: Use the "Forgot Password" flow on the login page — a reset link will be sent to your email.
Q: Can I use OAuth (Google/Telegram) to skip password changes? A: OAuth accounts don't have a platform password. You can set one via "Forgot Password" if needed.