SendSafely supports and strongly recommends mandating the use of Two-Factor Authentication (2FA) to protect the accounts of registered SendSafely users. Along with other personal and organizational controls against password compromise (e.g., using only strong unique passwords), 2FA helps secure SendSafely accounts against malicious attempts to hack, brute-force guess, or phish account access.

Which SendSafely users can use 2FA?

All registered SendSafely user accounts, regardless of subscription level, can and should use Two-Factor Authentication. Any Workspace Collaborators can and should use 2FA as well. 

Which 2FA methods does SendSafely support?

SendSafely supports several different ways to utilize Two-Factor Authentication to protect user accounts.  The options follow below in order of recommendation:

2FA via Single Sign On (SSO)

SendSafely strongly recommends leveraging your organization's SSO solution to authenticate employees prior to providing access to SendSafely.  This allows an organization to protect employee SendSafely accounts using existing corporate security infrastructure for logging, monitoring, and alerting, while also leveraging existing security SSO 2FA controls – ideally, FIDO2/WebAuthN–without having to reinvent the wheel.

SendSafely supports SSO using the SAML2 authentication standard, and is listed in the application catalogs for Okta, OneLogin and Azure AD.  

2FA via “Login using your Google Account”

You can enforce this option to require your employees to log into SendSafely using their Google Workspace accounts. This allows you to leverage Google's excellent Cross-Account Protection services, including detection and alerts. In addition, Google Workspace accounts also support 2FA natively including the very strong FIDO2/WebAuthN based hardware tokens.

2FA via Authenticator App

SendSafely natively supports Two-Factor Authentication via the following Authenticator Apps: Google Authenticator, Duo Mobile, Authy and Windows Phone Authenticator. 

After you have set up 2FA via SMS (required first step outlined below), you can set up up 2FA via Authenticator App by following these steps: 

1. Download your preferred Authenticator App to the smartphone bearing the mobile number that you provided for SMS verification. 
2. While logged into your SendSafely web portal, click the circle icon containing your initials in the top right corner of the screen. 
3. Click Edit Profile. 
4. Click Login Options. 
5. Click Set up Authenticator App. 
6. Scan the QR code displayed with the Authenticator app on your phone. 
7. Enter the verification code provided and your SendSafely password. 
8. Click Complete Setup.

Now that you have enabled 2FA, you will need to enter an authentication code every time you log into SendSafely. If you do not have access to your authenticator app, you can choose to have your authentication code sent to you via SMS instead. 

2FA via SMS

You can enable Two-Factor Authentication via SMS during account registration by providing your Mobile Number, which we will confirm and register with your SendSafely account. If you skipped this step during account registration, you can still enable 2FA via SMS by following these steps:

1. While logged into your SendSafely web portal, click the circle icon containing your initials in the top right corner of the screen.
2. Click Edit Profile.
3. Click Login Options.
4. Click the checkbox labeled Yes beside “Enable Two-Step Authentication?”
5. Enter your mobile number, choose your country, and click Save.

Please note that 2FA via SMS is not as secure as 2FA via Authenticator App. It’s better than having no 2FA, but should only be used by employees who do not have a smartphone.

Can I enforce Two-Factor Authentication?

Yes, and the enforcement setting is enabled by default for all SendSafely portals.  For more information on how your organization's SendSafely portal administrator can require that all registered SendSafely users within your organization use Two-Factor Authentication via SMS or Authenticator app please see this help center article.

SendSafely has started a program to mandate the use of Two-Factor Authentication for all SendSafely customer user accounts. 

Congratulations! By setting up Two-Factor Authentication, you’ve taken a great step toward improving the security of your SendSafely account and your organization.