Signing in from a new device is routine, but because it’s also what an attacker would do, we add a check the first time — and you should keep your list of trusted devices tidy.
Adding a new device
- Sign in as normal with your email and password.
- Complete the extra verification step — a code to your registered phone or authenticator.
- Choose whether to trust the device, so routine sign-ins on it are quicker.
Keeping devices tidy
In Account > Security > Devices you can see where you’re signed in and remove any device you no longer use — an old phone, a shared computer, a machine you’ve sold. Removing a device signs it out. If you ever see a device you don’t recognise, remove it, change your password, and treat it as a possible compromise.
Whenever a change touches money, access or your company’s data, we verify the request is genuinely from an authorised person before we act. We will never ask you to confirm full security details by email or phone to release information or push through a change — if a message pressures you to do that, treat it as suspicious and contact us to check.
See also: How to turn on two-factor authentication, Keeping your account secure, What to do if you suspect unauthorised access.