Two-Factor Authentication & Passkeys Policy

Effective Date: 2026

Last Updated: 2026

This Two-Factor Authentication & Passkeys Policy explains how two-factor authentication, multi-factor authentication, authenticator apps, SMS codes, email codes, backup codes, passkeys, security keys, trusted devices, login challenges, account recovery, lost devices, and related account security features may work on Playflick.com, operated by Playflick™ Media .ltd.

This policy should be read together with our Terms of Service, Privacy Policy, Security Policy, Account Recovery Policy, Login Sessions & Active Devices Policy, Fraud Prevention & Risk Review Policy, Identity Verification & KYC Policy, Business Accounts & Organisation Policy, Team Access & Role Permissions Policy, and Account Suspension & Termination Policy.

1. Who We Are

Operator: Playflick™ Media .ltd

Website: https://playflick.com

Business Address:
41 Norman Avenue
London
N22 5ES
United Kingdom

Account Security Support Email: hello@playflick.com
Contact Page: https://playflick.com/contact-us

2. Purpose of This Policy

Two-factor authentication, passkeys, and additional login security tools help protect Playflick accounts from unauthorised access, account takeover, payment abuse, creator payout fraud, impersonation, and other security risks.

This policy explains:

How two-factor authentication may work
How passkeys and security keys may work
How backup codes and recovery methods should be protected
What happens if a user loses access to a 2FA device
When Playflick may require extra security checks
What security-code misuse is prohibited

3. Feature Availability

Two-factor authentication, passkeys, security keys, authenticator app support, SMS codes, email codes, backup codes, trusted devices, login challenges, and related security features may not be available to every user, country, device, browser, app version, account type, or platform surface.

Playflick may add, remove, restrict, redesign, suspend, or discontinue two-factor authentication and passkey features at any time.

4. What Is Two-Factor Authentication?

Two-factor authentication may require users to provide an additional security factor after entering account login details.

Additional security factors may include:

Authenticator app codes
SMS verification codes where available
Email verification codes where available
Backup codes
Security keys
Passkeys
Device approval prompts where available

5. Authenticator Apps

Users may be able to use an authenticator app to generate time-based security codes where features are available.

Authenticator app codes may be affected by:

Device time settings
App setup errors
Lost or replaced phones
Deleted authenticator entries
Factory resets
Account recovery activity
Security review requirements

Users should store backup codes safely before relying on authenticator app login.

6. SMS and Email Codes

Playflick may support SMS or email verification codes where available.

SMS and email codes may be delayed, blocked, unavailable, or unreliable because of:

Mobile carrier issues
Email provider filtering
Incorrect phone numbers or email addresses
Regional delivery limits
Network outages
Spam or junk folders
Security or fraud review

Playflick may restrict SMS or email verification where security, fraud, abuse, or regional limitations apply.

7. Backup Codes

Backup codes may allow users to access their account if they lose access to a primary two-factor authentication method.

Users should:

Store backup codes securely
Keep backup codes private
Avoid storing backup codes only on the same device used for 2FA
Generate new backup codes if old codes may be compromised
Never share backup codes with anyone claiming to be support staff

Backup codes may be single-use, time-limited, revocable, or unavailable depending on feature design.

8. Passkeys

Passkeys may allow users to sign in using device-based authentication such as biometrics, device PINs, platform authenticators, password managers, or supported security technology.

Passkey availability may depend on:

Device support
Browser support
Operating system support
Password manager support
Account settings
Security requirements
Regional availability

Passkeys may make sign-in easier and more secure, but users are responsible for protecting the devices or accounts that store passkeys.

9. Security Keys

Playflick may support physical security keys where features are available.

Security keys may use USB, NFC, Bluetooth, or other supported methods depending on the device and browser.

Users should keep security keys safe and should consider registering more than one key where supported to reduce lockout risk.

10. Trusted Devices

Users may be able to mark a device as trusted where features are available.

Trusted devices may reduce the need for repeated login challenges, but they may also increase risk if the device is shared, lost, stolen, compromised, or no longer controlled by the user.

Users should not trust public, school, workplace, hotel, library, borrowed, or shared devices.

11. When Playflick May Require Extra Verification

Playflick may require additional verification even if a user has already signed in.

Extra verification may be required for:

New device login
Suspicious login activity
Password changes
Email changes
Two-factor authentication changes
Payment method changes
Payout method changes
Account deletion requests
Business role or team permission changes

12. Lost or Replaced Devices

If a user loses, replaces, resets, or no longer controls a device used for two-factor authentication, they may need to use backup codes or account recovery tools.

Account recovery may require:

Access to the account email
Backup codes
Identity verification where required
Business verification where relevant
Security review
Waiting periods where appropriate
Additional fraud prevention checks

Playflick may refuse recovery where ownership cannot be verified.

13. Account Lockout

Users may be locked out if they lose access to their password, email, phone number, authenticator app, backup codes, passkey, security key, or trusted device.

Playflick is not responsible for loss of access caused by lost devices, outdated contact information, deleted authenticator entries, unavailable phone numbers, forgotten backup codes, or unsupported device changes.

14. Business and Team Accounts

Business, organisation, studio, brand, and team-managed accounts may have additional two-factor authentication requirements.

Playflick may require 2FA or passkeys for:

Account owners
Admins
Billing managers
Payout managers
Content managers
Moderators with high-risk permissions
API or developer access users

15. Creator and Monetised Accounts

Playflick may require stronger security for creator, monetised, marketplace, or payout-enabled accounts.

Stronger security may be required because these accounts may involve:

Creator earnings
Wallet balances
Payout information
Paid content
Marketplace listings
Membership revenue
Tax information
Subscriber or supporter relationships

16. Code and Credential Safety

Users must keep security codes and credentials private.

Users must not share:

Passwords
One-time login codes
Two-factor authentication codes
Backup codes
Recovery codes
Passkey access
Security key access
Device-linking or sign-in codes

Playflick staff will not ask users to provide passwords or one-time login codes through unofficial channels.

17. Phishing and Social Engineering

Attackers may try to steal passwords, two-factor codes, backup codes, passkey access, or account recovery information.

Warning signs may include:

Fake Playflick login pages
Messages asking for one-time codes
Threats that an account will be deleted unless a code is shared
Fake verification offers
Fake payout release messages
Suspicious links or attachments
Requests to install remote access software

18. Misuse of Two-Factor Authentication or Passkeys

Users must not misuse 2FA, passkeys, security keys, backup codes, trusted devices, or account recovery tools.

Prohibited misuse may include:

Trying to bypass another user’s 2FA
Stealing or phishing security codes
Using stolen backup codes
Registering passkeys on devices without permission
Using 2FA lockout to take over business accounts
Sharing security keys to sell or rent account access
Submitting false recovery information

19. Security Review and Delays

Playflick may delay, restrict, or review account changes involving 2FA, passkeys, security keys, backup codes, trusted devices, payment methods, payout methods, or ownership changes.

Security review may be used to reduce fraud, account takeover, payment abuse, impersonation, or unauthorised access.

20. Reports and Support

Users may contact Playflick about two-factor authentication issues, lost devices, passkey problems, backup code problems, security key problems, suspicious login challenges, or account recovery concerns.

Contact:

Email: hello@playflick.com
Contact Page: https://playflick.com/contact-us

Please include:

Your account email
The security feature involved
The device, browser, app, or operating system involved
A clear explanation of the issue
Any screenshots, error messages, or relevant account-security context
Whether you believe your account has been compromised

Do not send passwords, full payment card numbers, bank passwords, or one-time login codes.

21. Enforcement

Playflick may take action where two-factor authentication, passkeys, security keys, backup codes, trusted devices, login challenges, or recovery tools are abused.

Enforcement may include:

Revoking trusted devices
Resetting security settings
Requiring password reset
Requiring two-factor authentication
Restricting account recovery
Restricting account features
Restricting payment or payout changes
Restricting accounts involved in security abuse
Suspending or terminating accounts for serious or repeated abuse
Preserving records for legal, safety, fraud, rights, or security reasons

22. Appeals

If your 2FA access, passkey access, security key access, trusted device, account recovery, payment access, payout access, account, or related feature was restricted and you believe Playflick made a mistake, you may request a review under our Appeals Policy where available.

Contact:

Email: hello@playflick.com

Please include:

Your account email
The 2FA method, passkey, security key, device, account, or feature involved
The decision you are appealing
Why you believe the decision was incorrect
Any supporting screenshots, error messages, account-security information, or context

Do not send passwords, full payment card numbers, bank passwords, or one-time login codes.

23. Privacy and Data Retention

Playflick may process and retain two-factor authentication records, passkey records, security key records, backup code records, trusted-device records, login challenge records, account recovery records, device records, support messages, appeal records, fraud signals, safety records, and enforcement records.

These records may be retained for account operation, security, fraud prevention, account recovery, legal compliance, moderation, payment protection, appeals, audits, and platform integrity.

More information is available in our Privacy Policy, Data Retention Policy, and Evidence Preservation Policy.

24. Changes to This Policy

We may update this Two-Factor Authentication & Passkeys Policy from time to time.

Changes may reflect new security tools, passkey support, 2FA methods, trusted-device controls, recovery processes, fraud controls, legal requirements, or platform updates.

Your continued use of Playflick two-factor authentication, passkey, or account security features after changes become effective means you agree to the updated policy.

25. Contact Us

For two-factor authentication questions, passkey issues, backup code concerns, lost device support, account security reports, appeal requests, or policy enquiries, contact:

Playflick™ Media .ltd
41 Norman Avenue
London
N22 5ES
United Kingdom

Account Security Support Email: hello@playflick.com
Contact Page: https://playflick.com/contact-us
Website: https://playflick.com

براہ کرم نوٹ کریں کہ اگر آپ کی عمر 18 سال سے کم ہے، تو آپ اس سائٹ تک رسائی حاصل نہیں کر سکیں گے۔