Skip to content

Login and Logout

Signing in to and out of the portal.

The CodeCharter portal uses classic cookie-based login. Email and password, that is it.

Authentication methods

Sign-in works with email and password only. There is currently no two-factor authentication (2FA/TOTP) and no SSO or OAuth sign-in via Google, GitHub, or Microsoft. Account protection relies on the lockout after repeated failed attempts (see below) and the sign-in log: every sign-in attempt is recorded with timestamp, IP address, and browser identifier (see Privacy and GDPR).

Login

On /Account/Login:

  • Email, as entered during registration
  • Password, as entered during registration

After a successful login you land on the dashboard. If you were redirected to the login page from a protected page, you return to that page instead.

Error messages

  • "Email or password did not match". Typo or wrong account.
  • "Account is locked due to too many failed attempts". After eight failed attempts the account is locked for 15 minutes. After that it works again.
  • "Please confirm your email address before signing in". You have not yet clicked the confirmation link from registration. Check your inbox or request a new link (see Registration and Trial).
  • "Please fill in both fields." One or both fields were left empty.

After a failed attempt the email field stays pre-filled, so you only need to retype the password.

Logout

Click "Sign out" in the sidebar (at the bottom next to your avatar). This clears the session cookie and sends you back to the home page.

Session duration

After login the session lasts 14 days with sliding expiration — as long as you visit the portal regularly, the session does not expire. If you do not log in for two weeks, you need to sign in again. There is no "remember me" checkbox — every login is persistent for the full 14 days.

Multiple browsers / devices

You can be signed in on as many devices as you like simultaneously. Each has its own session.

Security

Passwords are stored as a one-way hash — neither we nor anyone with database access can recover the plaintext.

Forgot your password?

There is a "Forgot password?" link on the login page. See Password reset.

Invalidating all sessions

If you signed in on someone else's machine and forgot to log out, change your password on the profile page. All other sessions are then signed out automatically; this can take up to about 30 minutes.