> ## Documentation Index
> Fetch the complete documentation index at: https://support.humanizing.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Manage Users and Roles in Your Plural Account

> Invite teammates, assign Editor or Admin roles, remove users, update your username or password, and learn how Plural protects your account from brute-force attacks.

Plural lets you share your account with as many collaborators as you need. Each person gets a role that determines what they can see and do — from building flows to managing billing and user access. This page walks you through inviting new users, changing their roles, removing them when needed, and keeping your own credentials up to date.

## User Roles

Every person you add to your account holds one of two roles:

<CardGroup cols={2}>
  <Card title="Editor" icon="pencil">
    Can create, edit, and publish projects. Cannot manage users, view billing, or configure account-level settings.
  </Card>

  <Card title="Admin" icon="shield-halved">
    Has full Editor access **plus** the ability to invite or remove users, change roles, manage linked accounts/organisations, and access billing settings.
  </Card>
</CardGroup>

<Note>
  The account owner always holds Admin rights and cannot be removed by other admins.
</Note>

***

## Invite a User

You need Admin rights to invite new users.

<Steps>
  <Step title="Open User Management">
    Click the **three dots (⋯)** next to your username in the lower-left corner of the screen, then select **User Management**.
  </Step>

  <Step title="Enter the email address">
    Type the email address of the person you want to invite into the invitation field.
  </Step>

  <Step title="Choose a role">
    Select either **Editor** or **Admin** from the role drop-down.
  </Step>

  <Step title="Send the invitation">
    Click **Invite**. Plural sends the recipient an activation link they can use to register and join your account immediately.
  </Step>
</Steps>

<Tip>
  The invited user must click the activation link in their email to complete registration. The link is single-use and expires if not used.
</Tip>

***

## Change a User's Role

You can update a collaborator's role at any time without removing and re-inviting them.

<Steps>
  <Step title="Open User Management">
    Click the **three dots (⋯)** next to your username, then select **User Management**.
  </Step>

  <Step title="Find the user">
    Locate the person whose role you want to change in the user list.
  </Step>

  <Step title="Select the new role">
    Use the role drop-down next to their name to switch between **Editor** and **Admin**.
  </Step>

  <Step title="Confirm">
    The change takes effect immediately — no further confirmation is required.
  </Step>
</Steps>

***

## Remove a User

<Warning>
  Removing a user immediately revokes their access. Any projects they created remain in the account and are not deleted.
</Warning>

<Steps>
  <Step title="Open User Management">
    Click the **three dots (⋯)** next to your username, then select **User Management**.
  </Step>

  <Step title="Locate the user">
    Find the user you want to remove in the list.
  </Step>

  <Step title="Remove them">
    Click the **Remove** (trash / X) icon next to their name. Plural removes their access instantly.
  </Step>
</Steps>

***

## Change Your Username or Password

<Steps>
  <Step title="Open Account Settings">
    Click the **three dots (⋯)** next to your username in the lower-left corner, then select **Account Settings**.
  </Step>

  <Step title="Update your username">
    Edit the **Username** field and save your changes.
  </Step>

  <Step title="Update your password">
    Enter your current password, then type and confirm your new password. Click **Save** to apply the change.
  </Step>
</Steps>

***

## Brute-Force Login Protection

Plural automatically protects all accounts against brute-force password attacks.

<Info>
  A brute-force attack tries thousands of password combinations in rapid succession. To make this unprofitable, Plural limits the number of failed login attempts allowed within a short time window. After a certain number of consecutive failures, your account is **temporarily locked** for a set period. This lockout resets automatically — you do not need to contact support unless you believe your account has been compromised.
</Info>

If you are locked out because you forgot your password, use the **Forgot Password** link on the login page to reset it via email before your lockout window expires.
