Sign in & accounts — bRRAIn Docs

How to create a bRRAIn account, sign in, set up multi-factor authentication, and recover access if you get locked out.

Sign in & accounts

Every door into bRRAIn — the website, the console, the marketplace, the exchange, the partner portal, the learning platform, your organization's app — uses one shared identity. This page explains what an account gives you, where you sign in, and how to keep your access safe.

What an account is

A bRRAIn account is a single email-addressable identity that:

  • Lets you sign in to every public-facing surface (brrain.io, app.brrain.io, console.brrain.io, marketplace.brrain.io, exchange.brrain.io, learn.brrain.io, partners.brrain.io, id.brrain.io, docs.brrain.io).
  • Carries your bRRAInUserID — a stable, optionally-public identifier that you can attach to your work (see ID Registry).
  • Holds your organization memberships — every organization you belong to lists you as a member with a role.
  • Stores your subscription state — what you've paid for, what's expiring, what's metered.
  • Tracks your MFA enrollment so a stolen password alone is not enough to sign in.

You can sign up with an email + password or use a social provider (Google, Microsoft) where supported.

Creating an account

  1. Go to brrain.io/register.
  2. Enter your name, work email, and a strong password (12+ characters; mix of letter, number, and symbol).
  3. Confirm your email by clicking the link we send. Most messages arrive in seconds; check spam if you don't see it within a minute.
  4. Optionally claim a bRRAInUserID vanity URL — this becomes your public identity-of-record.
  5. Optionally enroll multi-factor authentication at this step. We strongly recommend doing so before adding any payment method.

Once your email is confirmed you can sign in anywhere.

Signing in

Visit brrain.io/login. Enter your email and password. If MFA is enrolled you'll be asked for your second factor.

Sessions last 30 days on the surface where you signed in. Sensitive actions (changing your password, billing edits, deleting an organization) re-prompt for your password regardless of session age.

If you're already signed in to another surface and follow a cross-surface link, you'll typically be carried straight through. The single sign-in cookie is scoped to *.brrain.io so it's recognized everywhere we run.

Signing in from the docs

The docs site picks up your session automatically when you arrive from another surface. The user dropdown in the top right of every page shows your name and a link to your dashboard.

Multi-factor authentication (MFA)

We support three MFA channels:

| Channel | How it works | Best for | |---|---|---| | TOTP (recommended) | Authenticator app (Google Authenticator, 1Password, Authy, etc.) generates a 6-digit code that rotates every 30 seconds. | Most users — works offline, can't be intercepted. | | SMS | We text a one-time code to your phone. | Users who don't want an authenticator app. Less secure than TOTP because SMS can be SIM-swapped. | | Email | We send a one-time code to a recovery email different from your sign-in address. | Backup channel only. |

Enroll an MFA method from Account → Security. You can register more than one channel; we'll always offer all enrolled options at sign-in.

Recovery codes

When you enroll TOTP we issue 10 single-use recovery codes. Save them in your password manager or print them. If you lose your authenticator device, a recovery code is the only way back into your account without contacting support.

Forgot password

From the sign-in page, click Forgot password? Enter your email. We send a one-time reset link valid for 60 minutes. The link works from any browser; you do not need to be on the same device that requested it.

If you have MFA enrolled, you'll be challenged for your second factor before the new password takes effect — even with a valid reset link.

Locked out

If both your password and MFA are unavailable:

  1. Try a recovery code. From the sign-in page after entering your password, click Use a recovery code.
  2. If you have no codes, contact your organization owner. Owners can request a verified-identity reset on your behalf.
  3. If you're an organization owner with no path back in, contact support@brrain.io. Recovery requires verified identity and may take 24–72 hours depending on your tier.

Single sign-on (SSO)

Enterprise plans support SAML 2.0 SSO with any standards-compliant identity provider (Okta, Microsoft Entra ID / Azure AD, Google Workspace, OneLogin, JumpCloud, Ping). Configuration is done by your organization owner under Console → Settings → Authentication.

Once SSO is enabled for a domain, members of that domain bypass the password screen and authenticate against your IdP. MFA, if your IdP enforces it, satisfies bRRAIn's MFA requirement automatically.

What we never ask for

  • We will never ask for your password by email or chat. Anyone asking is impersonating us.
  • We will never ask for your MFA code over the phone. Real MFA prompts only happen in your browser at the sign-in screen.
  • We will never email you a one-time link without your having requested it from a sign-in or password-reset flow.

If something looks off, close the message and go directly to brrain.io/login by typing the URL into your browser.

Where to next

  • Organizations — how organizations work and how to manage members.
  • Your data — what we store about you and how to export or delete it.
  • Login & MFA security — deeper detail on the cryptography behind sign-in.