Colleckt

Appearance

Authentication

The Colleckt dashboard uses email + password authentication with multi-factor authentication (MFA) enforced via email OTP codes.

Login

Navigate to your workspace URL and use your registered email and password to log in.

text
https://{workspace}.colleckt.io/login

MFA Challenge

Logging in requires an additional step:

  1. Enter your email and password on the login form
  2. A 6-digit OTP code is sent to your registered email address
  3. Enter the OTP code on the challenge screen within 10 minutes
  4. Once verified, you are authenticated and redirected to the dashboard

The OTP code expires after 10 minutes. If the code expires, you can request a new one.

Trusted Devices

After a successful MFA challenge, you can mark the device as trusted to bypass MFA for 7 days.

  • Can be revoked from your security settings

Logout

Log out from any page using the logout option in the user menu.

Password Reset

If you forget your password:

  1. Go to the login page and click "Forgot your password?"
  2. Enter your registered email address
  3. You will receive a password reset link via email
  4. Click the link and set a new password

The reset link is valid for a single use and expires after 60 minutes.

Email Verification

New user accounts require email verification:

  • A verification link is sent to the registered email address
  • You must click the link before accessing the dashboard
  • A new verification email can be requested if the original expires

Account Lockout

To protect against brute-force attacks:

  • After multiple failed login attempts, the account is temporarily locked
  • Locked accounts cannot log in until the lockout period expires
  • Administrators can manually unlock accounts from the User Management section

MFA Reset

If a user loses access to their registered email and cannot complete MFA:

  • An administrator can reset the user's MFA from the user edit screen
  • This clears the MFA confirmation, allowing the user to log in and re-enroll
  • All trusted devices for that user are revoked

Security Settings

Access your security settings from the profile menu:

  • View trusted devices — See all devices currently trusted for MFA bypass
  • Revoke devices — Remove trust from individual or all devices

Session Management

  • Sessions expire after a period of inactivity
  • Logging out terminates the session
  • Multiple simultaneous sessions are supported

Built for virtual address providers requiring USPS 1583 compliance.

Copyright © 2023 - 2026 Colleckt. All rights reserved.