# Changing your password How you sign in — and how (or whether) you change a password — depends on whether you're a creditor partner using the dashboard or a debtor using the portal. ## Creditor dashboard (Clerk-managed) The creditor dashboard uses [**Clerk**](https://clerk.com/) for authentication. Sign-in, password changes, password resets, and multi-factor settings all live in Clerk's account UI — we don't store or rotate your password ourselves. To change your password: 1. Sign in to the dashboard. 2. Open your Clerk **User account** menu (usually the avatar in the top corner). 3. Pick **Security** (or **Password**) inside Clerk. 4. Follow Clerk's flow to set a new password. Password complexity, account lockouts, multi-factor authentication (TOTP authenticator app or SMS), and session management are all enforced by Clerk according to your organization's Clerk settings. If your organization signs in with Google / Microsoft / SAML via Clerk, the password lives with that identity provider, not with us. ## Forgot password Use the **Forgot password** link on the Clerk sign-in screen. Clerk emails a reset link. If the link expires before you use it, request another. ## Multi-factor authentication MFA is configured in Clerk's user-account UI under **Security**. The supported factors are whatever your Clerk instance has enabled — typically an authenticator app and/or SMS. ## Debtor portal — no password Debtors **don't have a password**. The portal works like this: 1. You click the magic link in our email (or open the portal URL we sent). 2. We email you a 6-digit one-time code (OTP). 3. You enter the code to verify you're you. The code is good for **10 minutes** and you get **up to 5 attempts** per code. If you don't receive it, see [I didn't get my one-time code](/troubleshooting/didnt-receive-otp.md). There is nothing to change because there is no password. ## What to do if you think your account is compromised If you're a creditor: 1. Change your password in Clerk immediately and review active sessions there. 2. Turn on MFA if it isn't already on. 3. Review your placement audit log for unfamiliar activity (see [Audit log access](/account-and-settings/audit-log-access.md)). 4. [Contact support](/troubleshooting/contact-support.md) — we can rotate your API key and investigate. If you're a debtor and someone else may have your magic link, [contact support](/troubleshooting/contact-support.md) and we will revoke the active portal session. ## TODO * Screenshot: Clerk user-account UI inside the dashboard. *** Last reviewed: 2026-05-24 by Customer Success. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://help.moderncollections.io/account-and-settings/changing-your-password.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.