# Account Settings > Settings covers account identity, password security, billing plan management, and API key generation — the infrastructure that underpins every workspace you operate. - Human page: https://mailrith.com/docs/account-settings - Category: Getting Started - Reading time: 10 min read ## What this guide covers Update your profile, change your password, manage your subscription plan, and generate API keys for programmatic access. ## Sections - Profile and Security - Billing - API Keys - Best Practices ## Visual Reference ![Mailrith account settings page open to the Billing tab showing plan details.](https://mailrith.com/docs/screenshots/account-settings.png) The Billing tab shows your current plan status and provides access to the Dodo customer portal for payment management, invoice downloads, and subscription changes. ## Profile and Security Settings is where you manage your own Mailrith account. It is different from a workspace page. Workspace pages manage marketing work such as subscribers, forms, campaigns, and automations. Settings manages the personal account, billing, and integration access that support that work. Your profile details identify you inside Mailrith. Your display name and account email may appear in team areas, invite records, or internal account views. They are not the same as the sender name or sender email that subscribers see in their inbox. Subscriber-facing sender identity is set on [Email Delivery Connections](https://mailrith.com/docs/email-delivery-connections.md). The security area is for changing your password. Use a password that is unique to Mailrith and not shared with another service. If you believe someone else may know your password, change it immediately, then review API keys, authorized apps, and team member access. 1. Click **Settings** in the left sidebar. 2. On the **Profile** tab, review **Name** and **Email** so teammates can recognize you in invites, ownership records, and team areas. 3. Update your profile details if they are wrong, then click **Save Profile** before leaving the page. 4. Click the **Security** tab when you need to change your password. 5. Enter **Current Password**, **New Password**, and **Confirm New Password**. 6. Click **Update Password**. 7. After a suspected account issue, also review [API Keys and Authorized Apps](https://mailrith.com/docs/api-keys-and-authorized-apps.md) and [Team Members](https://mailrith.com/docs/team-members.md) for access you no longer trust. Email access matters too. Verification emails, password reset links, invite acceptance, and important account messages depend on your account inbox. If you lose access to that inbox, update your account email before it becomes a blocker. ## Billing The billing area shows the current plan state and the next available billing action. Depending on your account, you may see a free plan, a trial, an upgrade option, or a customer portal link for an existing subscription. Billing and workspace access are related but not identical. You can own more than one workspace, and paid access may affect which features are available in each one. If a feature page shows an upgrade message, first confirm that you are viewing the correct workspace, then check Billing to understand the current plan state. Use the customer portal to manage payment method, invoice history, and subscription changes when a subscription already exists. Use the upgrade flow when the account or workspace is still on a free or trial state. 1. Click **Settings** in the left sidebar, then click the **Billing** tab. 2. Check the current plan state before assuming a feature is unavailable or broken. 3. If you see **Choose Monthly** or **Choose Annual**, review the plan details and start checkout only when you are ready to change the subscription. 4. If you see **Manage Subscription**, open it to update payment details, download invoices, or manage an existing subscription. 5. Return to Mailrith after checkout or portal changes and refresh the page if the billing state has not updated yet. For a full explanation of free, trial, paid, checkout, and customer portal states, read [Billing and Plans](https://mailrith.com/docs/billing-and-plans.md). ## API Keys API keys let an outside system connect to Mailrith without a person logging in every time. A website might use an API key to add new subscribers. A customer database might use one to update custom fields. A reporting tool might use one to read subscriber information. Treat every API key like a password. The full key is shown only when it is created. Store it in a secure place, such as a password manager, a server secret manager, or an environment variable controlled by your engineering team. Do not paste keys into shared documents, public code, support tickets, screenshots, or email threads. - **Name keys clearly:** use names such as "Website signup form" or "CRM nightly sync" so you can tell what each key is used for later. - **Use one key per connected system:** this lets you revoke one integration without interrupting every other integration. - **Choose the narrowest access that works:** use read-only access for tools that only need to view data. Use read-write access only when the tool must create or change data. - **Rotate old keys:** create a replacement key, update the connected system, confirm it works, then revoke the old key. - **Revoke unused keys quickly:** remove keys for retired websites, vendors, scripts, old staging environments, or tools no one owns anymore. For step-by-step credential guidance, read [API Keys and Authorized Apps](https://mailrith.com/docs/api-keys-and-authorized-apps.md). ## Best Practices Review Settings before launching a real campaign and any time account ownership, team access, or connected tools change. - **Keep login access personal:** do not share your username and password with teammates. Invite people through [Team Members](https://mailrith.com/docs/team-members.md) so each person has their own access. - **Separate account identity from sender identity:** changing your profile email does not configure what subscribers see in their inbox. Update sender details on the delivery connection instead. - **Check billing before planning a launch:** make sure required features are available before building a campaign around them. - **Audit access after staff or vendor changes:** remove old team members, revoke unused API keys, and review authorized apps when someone leaves or a tool is retired. - **Keep records understandable:** clear names for workspaces, keys, and integrations make future troubleshooting much easier. If something in Settings looks wrong, compare the account-level area with the workspace-level page. For example, a campaign sender problem usually belongs in Email Delivery Connections, while a subscription or invoice question belongs in Billing. ## Related Guides - [Billing and Plans](https://mailrith.com/docs/billing-and-plans.md): Billing explains what plan your workspace is on, which features are available, and where to start checkout or manage an existing subscription through the customer portal. - [API Keys and Authorized Apps](https://mailrith.com/docs/api-keys-and-authorized-apps.md): API keys and authorized apps control how outside systems access a workspace. This guide explains when to use each one, how to create credentials safely, and when to revoke access. - [Workspaces](https://mailrith.com/docs/workspaces.md): Workspaces keep separate brands or clients fully isolated within one Mailrith account — each has its own subscribers, campaigns, forms, automations, and team access.