Skip to main content

App Lock

BeeCount supports app lock to protect your financial privacy with PIN and biometric authentication.

Features

  • PIN Lock - Set a 4-digit PIN code required each time you open the app
  • Biometric Authentication - Support for fingerprint and Face ID for quick unlock
  • Multitask Blur - Automatically blurs screen content when switching to the app switcher, preventing others from seeing your data

Enable App Lock

  1. Go to "Me" → "Personalization"
  2. Enable "App Lock"
  3. Set a 4-digit PIN code
  4. Optionally enable biometric authentication (fingerprint/Face ID)

Lock Timing

  • App Launch - Authentication required each time the app opens
  • Return from Background - Authentication required when returning from other apps
  • Timeout Settings - Configurable timeout (immediately, 1 minute, 5 minutes, 15 minutes)

Privacy Blur Screen

When app lock is enabled, switching to the multitask view (swiping up to see recent apps) will:

  • Automatically blur all app content
  • Prevent others from seeing your financial data in the app switcher
  • Blur disappears automatically when you return to the app
tip

The privacy blur screen only works when app lock is enabled. If you want multitask privacy protection, you need to enable app lock first.

Forgot PIN

If you forget your PIN code, you can reset it by:

  1. Uninstalling and reinstalling the app
  2. Setting up app lock again
Note

Make sure your data is backed up via cloud sync before resetting, or local data may be lost.

Web Two-Factor Authentication (2FA)

The BeeCount Cloud web supports TOTP 2FA — scan a QR with Google Authenticator / 1Password / Authy and the login flow asks for a 6-digit code in addition to your password.

Enable 2FA

  1. Sign in on the web → avatar menu → Profile
  2. Click the "Two-factor auth" chip at the top → opens the setup wizard
  3. Scan the QR with an authenticator app (or paste the secret manually)
  4. Enter the current 6-digit code to confirm
  5. Save the 8 one-time recovery codes (print or store in a password manager — they're your lifeline if you lose the device)

Once enabled, sign-in becomes password → 6-digit code. The first sign-in on a device "trusts it for 30 days"; you can revoke trust manually in Devices.

Disable 2FA

Profile page → 2FA chip → enter current code → disable.

Device management

Avatar menu → Devices: lists every logged-in web / mobile device (IP, last-active time, client type). Revoke any suspicious device's access token in one click; the next request from that device bounces back to login.

Note: The mobile app does not surface a 2FA toggle today. 2FA policy is managed on the web, and the policy applies to all login entry points.