Here at HelloSign, strong authentication is the backbone of our security platform. Here are some of the increasing ways that we adhere to current authentication practices:
- 2-Factor Authentication - Users are able to set up 2-Factor Authentication (using SMS), which requires the entry of a unique code sent to that individual via mobile, along with their username and password.
- Password-protected signature requests - Users can enable a 4-12 digit pin code that signers need to enter in order to view or sign a document
- OAuth - The HelloSign API supports OAuth as a means of authenticating API calls on behalf of a user
- Unique key-based authentication for the API
- All passwords are hashed and salted with an adaptive hashing algorithm
- Sessions are timed out
- All authentication data is encrypted
