Changing your login email or password

Where to go

Settings → Account. You'll see two buttons: Change email and Change password.

Changing your login email

1. Click Change email.
2. Enter the new address and your current password.
3. We email a confirmation link to your current login address. The login switches the moment you click it — until then, your existing email keeps working.
4. We also email a heads-up to the new address so you can confirm it's reachable.

Sending the confirmation link to your current inbox (rather than the new one) is the security primitive: only someone with access to your existing email can authorise the change. If you mistype the new address, just redo the form — the previous attempt is overwritten.

Changing your password

1. Click Change password.
2. Enter your current password, then the new one twice.
3. New password must be at least 8 characters and different from the current one.
4. We email a "password just changed" notice to your login address, so you have a paper trail of every change.

You stay logged in on this device after the change. Any other devices you were signed in on stay signed in too — Supabase doesn't auto-revoke other sessions on password change.

Why the password is asked twice

Re-prompting for your current password (instead of just trusting the session) is an extra layer of verification on sensitive changes. Combined with the email confirmations above, you get a two-channel paper trail on every email or password update.

What if I forgot the current one?

Sign out and use the Reset password link on the login page. You'll get a reset email — clicking it lets you set a new password without knowing the old one.