Account

Security Settings

Protect your Kling account and customer data with two-factor authentication, session management, and security best practices.

Kling TeamNovember 10, 20245 min read
Security Settings
Keep your customer data and marketing campaigns secure

Security isn't optional when you're handling customer data. Kling provides robust security features to protect your account and your customers' information. This guide walks through setting up and maintaining a secure configuration.

Two-Factor Authentication (2FA)

Adding 2FA is the single most important security step you can take:

1

Enable 2FA

Go to Settings > Security > Two-Factor Authentication and click Enable.

2

Scan QR Code

Use an authenticator app (Google Authenticator, Authy, 1Password) to scan the QR code.

3

Enter Verification Code

Enter the 6-digit code from your app to confirm setup.

4

Save Backup Codes

Download and securely store your backup codes. These let you access your account if you lose your phone.

Store Backup Codes Safely

Backup codes are your last resort. Store them somewhere secure like a password manager or safe. Don't keep them on your phone!

Phone showing authenticator app
Two-factor authentication adds a critical layer of account protection

Session Management

Control where and how your account is accessed:

Active Sessions

View all logged-in sessions at Settings > Security > Active Sessions:

  • Device type and browser
  • IP address and location
  • Last active time

Revoking Sessions

See a session you don't recognize?

  1. Click Revoke next to the session
  2. That device is immediately logged out
  3. Investigate if you didn't authorize it

Session Timeout

Configure automatic logout after inactivity:

  • 15 minutes (high security)
  • 1 hour (balanced)
  • 8 hours (convenience)

Shared Computers

Always use a shorter session timeout if accessing Kling from shared or public computers.

Password Requirements

Strong passwords protect against unauthorized access:

Password Policy

  • Minimum 12 characters
  • At least one uppercase letter
  • At least one number
  • At least one special character

Changing Your Password

  1. Go to Settings > Security > Password
  2. Enter current password
  3. Enter and confirm new password
  4. Click Update Password

Password Best Practices

  • Use a unique password for Kling
  • Consider a password manager
  • Never share your password
  • Change immediately if compromised
Lock representing secure access
Strong passwords are your first line of defense

Team Security

For organizations, additional security controls are available:

Require 2FA for All Members

As an Admin:

  1. Go to Settings > Security > Team Security
  2. Enable Require 2FA
  3. Members have 7 days to set up 2FA or lose access

IP Allowlisting

Restrict access to specific IP addresses:

  1. Navigate to Settings > Security > IP Allowlist
  2. Add trusted IP addresses or ranges
  3. Access from other IPs will be blocked

SSO (Enterprise)

Enterprise customers can configure Single Sign-On:

  • SAML 2.0 support
  • Okta, Azure AD, Google Workspace
  • Automatic provisioning available

Data Protection

Kling protects your data at multiple levels:

Encryption

  • In transit: TLS 1.3 for all connections
  • At rest: AES-256 encryption for stored data
  • Backups: Encrypted and stored separately

Data Residency (Cloud)

Choose your data region:

  • United States
  • European Union
  • Asia Pacific

Data stays in your chosen region for compliance.

Access Logging

All data access is logged:

  • API calls
  • Admin actions
  • Data exports

Logs retained for 90 days (Cloud) or configurable (self-hosted).

API Security

If using the API, additional precautions apply:

API Key Best Practices

  • Use separate keys for different applications
  • Rotate keys regularly (every 90 days recommended)
  • Never commit keys to version control
  • Use environment variables

See our API keys guide for detailed management.

API keys have the same permissions as the user who created them. Create keys from accounts with minimum necessary access.

Security Monitoring

Stay informed about account security:

Security Alerts

Receive notifications for:

  • Login from new device
  • Password changed
  • 2FA settings modified
  • Multiple failed login attempts

Audit Log

Review all security-relevant events:

  • Team member changes
  • Permission modifications
  • Data exports
  • API key usage

Incident Response

If you suspect a security breach:

  1. Change your password immediately
  2. Revoke all sessions except current
  3. Review audit logs for unauthorized activity
  4. Contact support if you see unauthorized access
  5. Reset API keys if they may be compromised

Kling's security team monitors for suspicious patterns and will alert you if we detect anomalies.

Security Checklist

Use this checklist to ensure your account is secure:

  • [ ] Two-factor authentication enabled
  • [ ] Strong, unique password set
  • [ ] Backup codes saved securely
  • [ ] Unused sessions revoked
  • [ ] Team 2FA requirement enabled (if applicable)
  • [ ] API keys using least privilege
  • [ ] Regular access audits scheduled

Next Steps

Security is an ongoing process. Regularly review these settings to maintain a secure environment for your marketing operations!

security2faprivacy

Related Articles

API Keys
Account
API Keys
4 min read
Managing Team Members
Account
Managing Team Members
5 min read
Campaign Not Running
Troubleshooting
Campaign Not Running
6 min read

Need More Help?

Can't find what you're looking for? Our support team is here to help.