Follow

How does two-factor authentication for signing work?

Last updated 2019-07-08 18:17:24 UTC

When SMS two-factor authentication support has been enabled on your account, you will have the ability to modify how it works.

On your subaccounts, two-factor may be enabled or disabled by setting the "SMS two-factor authentication support" setting. You will now also see the setting "SMS two-factor authentication lifetime." The default setting for authentication lifetime is "None." You may choose to allow signers who have been authenticated via two-factor authentication to remain signed on the device they are using by changing this setting to "24 Hours" or "48 Hours." The signer will then be able to select to remain signed in when either of those values has been selected.

When using a classic template, you will be able to create classic template parameters to take in the mobile phone number of the signer for 2-factor. On Simple Setup templates, you can create sender inputs to take in the mobile phone number. Note that the signer may also elect to be called, so it is possible to also provide a landline. On these templates, you may choose to make the inputs required so that it always must be provided. If you do not require the entry of a mobile phone number, then 2-factor authentication will not be performed. It is also possible to use 2-factor on non template documents, as shown in the screenshot of a Simple Setup template below.

2019-05-22_9-00-01.png

 

Signers will be prompted to select how to receive the 6 digit code they need to enter.  Note that two-factor authentication may be combined with other forms of authentication, including passwords or PINs you set, or Knowledge Based Authentication.

2019-05-22_9-10-08.png

A code should be delivered in a short period of time.

2019-05-22_09.13.40.jpg

Once the signer has received their code, they enter it on the next screen.

 

2019-05-22_9-13-57.png

After entering the code, the signer continues on to signing.  If the signer chooses to not be asked again for the period of time allowed, if they revisit the unsigned document from the same device within that time period they will not be reprompted to authenticate via two-factor.

Please contact your account manager for pricing and a demonstration.

 

 

 

Have more questions? Submit a request