← All posts

Your profile, two-factor sign-in, data export, account deletion, and install to home screen

This batch is about giving you control over your account. A real profile page, optional two-factor sign-in, a full data export, a proper deletion path with a recovery window, and a PWA install so 1pm sits on your phone’s home screen alongside everything else.

A profile page that does what you’d expect

There’s now a Profile page at Account > Profile with three independent sections.

Display name is the friendly name we use in the top-right of the navbar (replacing the email address that used to live there) and on shared content where attribution matters. Save updates instantly with no page reload.

Change password is a separate section with the current-password check you’d expect. Successful changes refresh your sign-in cookie so you stay logged in.

Change email is a two-step flow: type the new address, confirm via a link sent to that new address, and the swap completes once you click through. Until you click the link, your existing email stays the active one, so a typo doesn’t lock you out.

Two-factor sign-in (TOTP)

You can now turn on two-factor authentication for your 1pm account from Account > Two-factor. Scan the QR code into your authenticator app of choice (1Password, Authy, Google Authenticator, anything that does TOTP), enter the six-digit code to confirm, and we generate ten one-time recovery codes for the case where you lose your device.

The sign-in flow detects when 2FA is on, asks for the code on the screen after your password, and remembers the device for 30 days so you’re not entering codes on every session.

If your crew submits sensitive files (signed insurance certificates, working-with-children cards, identity documents), turning on 2FA for the planner account is the right baseline. We also gate the “create a document upload request” action behind 2FA: you can’t ask crew for documents without 2FA enabled on your account, and you can’t turn 2FA off while document requests exist on any event. Belt-and-braces for the data crew trust you to hold.

Export your whole workspace

Account > Export now produces a single ZIP with everything we hold for you: every event with its full timeline, attachments and uploads (metadata + the files themselves), every crew member, every request and response, your branding themes with their logos, and your event briefs and links.

Use it for off-site backup, for migrating context between tools, or for the “I want to see what 1pm has on me” peace of mind. The export is generated on demand and downloaded directly; we don’t email it or stash a copy.

Crew-uploaded files are deliberately not included. Those documents were sent to you in confidence by crew members, and bundling them into your export without their knowledge would break that trust. If you need a specific crew upload outside 1pm, you can download it from the planner one at a time today, and we’ll add a more deliberate opt-in flow if there’s demand.

Account deletion with a 48-hour safety net

Deleting your account is now a proper two-phase flow. Click Delete from Account > Danger zone, confirm, and we soft-delete immediately: you’re signed out, your data is hidden from everywhere, and a hard-delete job is scheduled 48 hours out.

If you change your mind within that window, sign in with your usual credentials and you’ll land on a Restore page that brings everything back exactly as it was. After 48 hours, the hard-delete runs: every event, vendor, upload, request, branding theme, and identity row gets removed in a single transaction, blob storage is purged of your uploads, and your Stripe customer record is detached. We send a confirmation email when the deletion finishes so you have a written record.

Install 1pm on your phone

1pm is now a Progressive Web App. From your phone’s browser, “Add to Home Screen” creates a real app icon that opens 1pm in its own window with no browser chrome. The crew-side live link runs offline-capable from a service worker, so once a crew member has opened their run of show on event day, intermittent venue Wi-Fi doesn’t take it down.

There’s no app store gate, no download, no permissions dance. The same URL that worked in the browser becomes an app icon on the home screen.

The footer of every page now links to Help (1pm.app/help), Status (1pm.statuspage.io), Terms of Use, and Privacy. The Privacy policy itself was rewritten this batch and lives in the app rather than as a static PDF, so it stays in sync with how 1pm actually handles your data.