HelloSign Trust Center

Security & Compliance


Here at HelloSign, strong authentication is the backbone of our security platform.  Here are some of the increasing ways that we adhere to current authentication practices:

  • ‍2-Factor Authentication - Users are able to set up 2-Factor Authentication (using SMS), which requires the entry of a unique code sent to that individual via mobile, along with their username and password.
  • ‍Password-protected signature requests - Users can enable a 4-12 digit pin code that signers need to enter in order to view or sign a document
  • ‍OAuth - The HelloSign API supports OAuth as a means of authenticating API calls on behalf of a user
  • Unique key-based authentication for the API
  • ‍All passwords are hashed and salted with an adaptive hashing algorithm
  • Sessions are timed out
  • All authentication data is encrypted