Skip to content

Sign In and Account Security

SyncTV can enable several sign-in methods. The methods shown in the UI depend on administrator configuration.

MethodRequiresGood for
OPAQUE password loginLocal passwordPublic client local password login without storing direct password-verifier equivalents
Direct password loginUsername or email and passwordRestricted environments where an OPAQUE client is unavailable while the server still stores and verifies OPAQUE credentials
Passkey/WebAuthnBrowser, OS account, or security keyPasswordless sign-in or second factor
Email codeA reachable verified email addressSign-in, verification, recovery, or MFA
OAuth2/OIDCThird-party accountGitHub, Google, Logto, or generic OIDC

Make sure you have at least two local verification methods: local password, passkey/WebAuthn, or verified email. OAuth2 does not count as a local 2FA factor.

  1. Complete the first factor: OPAQUE password login, direct password login, passkey, email sign-in, or OAuth2.
  2. If SyncTV asks for 2FA, choose one of the available second factors.
  3. Complete email code or passkey/WebAuthn.
  4. After signing in, confirm that at least two local verification methods remain available.

Public client local password login prefers OPAQUE. Direct password login serves restricted environments where the OPAQUE exchange is unavailable; the server immediately creates or verifies OPAQUE credentials from the submitted password.

SymptomCheck first
Password login failsUsername, password, account ban, 2FA requirement
Email code does not arriveAddress, spam folder, verified email, SMTP availability
OAuth2 callback does not sign inRegistration review, existing binding, callback URL
Passkey is unavailableBrowser, OS account, security key, current domain
2FA blocks accessWhether two local verification methods still exist

When reporting a problem, include time, username, sign-in method, error text, and requestId. Do not send passwords, tokens, cookies, OAuth2 codes, or verification codes.