Lock it down
Two-factor authentication arrives for PicaDeck. Protect your account with any TOTP authenticator app, fall back to single-use recovery codes if you lose your device, and clear a quick verification step at login. This release also hardens SQL schema import with smarter constraint and foreign-key parsing.
- NewTwo-factor authentication (TOTP) — secure your account with any authenticator app like Google Authenticator, Authy, or 1Password
- NewGuided 2FA setup from Settings → Security with a scannable QR code and a manual entry key
- NewTen single-use backup recovery codes, shown once at setup, to get back in if you lose your device
- NewRegenerate backup codes at any time from the Security settings
- NewLogin adds a verification step that accepts your 6-digit authenticator code or a backup code
- ImprovedHardened by design — TOTP secrets are encrypted at rest (AES-256-GCM) and code attempts are rate-limited to prevent brute force
- ImprovedSQL import handles CHECK constraints cleanly — they're stripped without derailing the rest of the table
- ImprovedForeign keys are parsed from both inline column definitions and ALTER TABLE statements, including ON DELETE and ON UPDATE actions
- ImprovedMore reliable enum value extraction when importing SQL schemas