Settings → Login & SSO ships with three things:

1. Auth mode — Required, Optional, or Anonymous, controlling who can post on the public board
2. Auto-login — bounce visitors straight into auth on first hit
3. Project secret — a 64-hex-char signing secret displayed masked, with copy-to-clipboard and one-click rotation

Rotating invalidates the previous secret immediately. The rotation timestamp is shown alongside so you can prove last-rotated to a security review.