---
summary: Step-by-step account recovery guidance for people who cannot use their normal SigID sign-in method.
tags:
  - individuals
  - recovery
  - account
  - sign-in
categories:
  - For Individuals
---

# Account Recovery

<!-- agent:page
You are an AI agent helping a user regain access to an account when the normal SigID sign-in flow fails.
Ask up front: which app, dashboard, or workspace they were opening; the email address they use for that app; what exactly failed (forgotten password, expired magic link, lost passkey device, MFA unavailable, new phone or computer); and whether they can still open email for that account.
Flow: have them return to the app, start sign-in again from it, enter the email used for that app, choose the recovery, password reset, magic link, or alternate method the page shows, and use only the newest email, link, or code they requested. The app decides which recovery options exist; if none is available, the user must contact the app or workspace support channel.
The human must open recovery emails, click links, and enter codes personally; you cannot do these for them, and they must never share or forward recovery links, magic links, or codes to you or anyone.
After access is regained, walk the After You Regain Access checklist: add or confirm a passkey, update any password, review connected apps, sign out of unrecognized sessions, and confirm at least one recovery path remains.
Success: the user can sign in normally again and has a working recovery path.
Pitfalls: reusing an old email or link instead of the newest one, and entering an email different from the one used for that app or workspace.
-->

Use recovery when you cannot complete the normal SigID sign-in flow.

Always start from the app you want to access. The app decides which recovery
options are available for your account.

## Recovery Steps

<!-- agent:action Run the recovery flow
Walk the user through the six steps in order: return to the app, dashboard, or workspace; start sign-in again from that app; enter the email address used for that app; choose the recovery, password reset, magic link, or alternate method shown on the page; use only the newest email, link, or code they requested; and if no recovery option is available, contact the app or workspace support channel.
The user opens emails, clicks links, and enters codes themselves.
Verify before moving on: the email entered is the one used for that specific app, and the link or code being used is the newest one requested.
If a link is reported expired, request a new one rather than retrying old emails.
-->

1. Return to the app, dashboard, or workspace you were trying to open.
2. Start sign-in again from that app.
3. Enter the email address you use for that app.
4. Choose the recovery, password reset, magic link, or alternate method shown on the page.
5. Use only the newest email, link, or code that you requested.
6. If no recovery option is available, contact the app or workspace support channel.

## Common Problems

<!-- agent:action Match the recovery problem
Identify which row fits, then apply it: forgotten password means use password reset from the same sign-in page; an expired magic link means request a new link and use the newest email; wrong email means go back and enter the email used for that app or workspace; a lost passkey device means try another device, browser, password manager, or security key holding a passkey; MFA unavailable means use the recovery option the app shows or contact that app's support channel; a new phone or computer means try the old device first if available, then add a new passkey after recovery.
Verify before moving on: the user can complete a sign-in, not just receive a recovery email.
If none of the rows apply or every option fails, escalate to the app or workspace support channel.
-->

| Problem | What to do |
|---|---|
| Forgotten password | Use password reset from the same sign-in page. |
| Magic link expired | Request a new link and use the newest email. |
| Wrong email | Go back and enter the email used for that app or workspace. |
| Lost passkey device | Try another device, browser, password manager, or security key that has a passkey. |
| MFA unavailable | Use the recovery option shown by the app, or contact that app's support channel. |
| New phone or computer | Try the old device first if you still have it, then add a new passkey after recovery. |

## Recovery Safety

Recovery links, magic links, and verification codes are sensitive. Do not share
them with anyone. If someone asks you to forward a link or code, stop and
contact the app or workspace support channel from a trusted place.

## After You Regain Access

<!-- agent:action Secure the account afterward
Once the user is signed in again, walk the checklist: add or confirm a passkey, update the password if they still use one, review connected apps, sign out of sessions they do not recognize, and confirm at least one recovery path remains.
Passkey creation and any biometric or PIN steps must be done by the human on their own device.
Verify before finishing: the user has at least one recovery path and no unrecognized sessions remain.
-->

After recovery:

- add or confirm a passkey
- update your password if you still use one
- review connected apps
- sign out of sessions you do not recognize
- make sure you still have at least one recovery path
