Docs WaFloW

Security, code access, and account control

Table Of Contents

At WaFloW.ai, security is not an add-on; it is part of the system design.
That is why we use a different access and control model than most traditional platforms.

This document explains how we protect your account, why we do not use passwords, and how to maintain secure access control.

Passwordless access: how and why #

WaFloW.ai uses a temporary code access system sent by email instead of passwords.

How does access work? #

  1. Enter your email address on the login screen.
  2. You will receive a temporary code by email.
  3. Enter the code and you will be taken directly to the dashboard.

In the first record, in addition:

  • Your WhatsApp number is also validated using an additional code.

From then on, you will always access it using only the code sent by email.

Why does WaFloW.ai not use passwords? #

Eliminating passwords has clear advantages:

  • 🔐 Avoid weak or reused passwords.
  • 🔁 Eliminate the risk of sharing credentials.
  • 🚫 Reduces brute force attacks.
  • ⚡ Faster and simpler access.
  • 🧠 Less friction for teams and agencies.

The code is temporary and single-use, adding an extra layer of security.

Initial verification via WhatsApp #

During the first registration, WaFloW.ai requests additional verification via WhatsApp.

This allows:

  • Confirm that the number belongs to the user.
  • Reduce fraudulent registrations.
  • Increase overall system security.

This step is only performed once, during initial registration.

Account control and separation by subaccounts #

WaFloW.ai is designed to prevent unauthorized access between clients or projects.

Thanks to the subaccount architecture:

  • Each client or project is isolated.
  • WhatsApp devices do not mix.
  • The conversations do not overlap.
  • The settings are independent.

This is especially important for agencies that manage multiple accounts.

System operational safety #

In addition to access, WaFloW.ai applies security measures at the operational level:

  • Active monitoring of device status.
  • Detection of anomalous behavior.
  • Redundant systems to prevent interruptions.
  • Control of external integrations via API and Webhooks.

The goal is to protect both the account and the connected numbers.

Recommended security best practices #

To keep your account secure:

  • ✔️ Always use an email address that only you have access to.
  • ✔️ Do not share access codes.
  • ✔️ Keep subaccounts separate for each client.
  • ✔️ Use devices dedicated to specific purposes (sales, support, etc.).
  • ✔️ Check active API integrations periodically.

What should you do if you detect unauthorized access? #

If you suspect unauthorized access:

  1. Do not share new codes.
  2. Contact support immediately.
  3. Review subaccounts and connected devices.
  4. Disable integrations that you do not recognize.

📞 WaFloW.ai Support: +34 611 77 02 70
📞 Founder contact: +34 611 77 70 10

Summary #

WaFloW.ai prioritizes:

  • Secure access without passwords.
  • Enhanced initial verification.
  • Clear separation between clients.
  • Continuous operational safety.
  • Prevention rather than reaction.

Everything designed for climbing with confidence.

What are your feelings

Updated on 26 de January de 2026