Adding access code to Docusign document for added security

SHARE THIS POST
Share on facebook
Share on google
Share on twitter
Share on linkedin
Share on pinterest

From https://support.docusign.com/en/guides/ndse-user-guide-access-code

Access Codes for Recipients

Adding an access code for your recipients adds an extra level of security to your documents. You add a code to a recipient on the document, and then communicate the code to the recipient. You can relay the code in any way that you wish, such as by phone or in a separate email communication. However, do not include the code in the document message, as this would reduce the security value of the code. The recipient must enter the code correctly in order to view and sign the document.

Limits: The code can be up to 50 characters long, and contain alphanumeric and special characters, except for “<“, “>”, and “&#”. You can use upper- and lower-case letters, but the code is not case-sensitive. Your DocuSign administrator can set access code rules to specify the requirements for valid codes. See Security Settings for details.CONTENTS

Add an access code for a recipient

Autogenerate codes for greater security

What if recipients fail the security challenge?

Access codes and templates

Combine access code and recipient authentication

Access code and email notification link expiration

To add an access code for a recipient

  1. Add a recipient to a new document.
  2. Click MORE and select Add access authentication.
  3. Select Access Code in the authentication drop-down and enter a code using alphanumeric and special characters.
  4. Provide the code to your recipient. You can relay the code in any way that you wish, such as by phone or in a separate email communication. However, do not include the code in the document message, as this would reduce the security value of the code.When you send your document, the recipient must provide the access code in order to open the document.

Autogenerate codes for greater security

If the feature is enabled for your account, you can use the autogenerate code option to enter an access code. The code is generated in accordance with the access code format rules set for your account. The autogenerated codes provide a higher level of security due to their randomness and complexity.

Many DocuSign customers use access codes. However, most of them create simplistic codes like “123”, which don’t add much security to the transaction. The access code generator is designed to help you generate more secure codes.

To autogenerate an access code

  1. Add an access code to a recipient, and click in the empty code box.
  2. Click AUTOGENERATE CODE.
  3. Use the copy to clipboard option to copy the code so that you can communicate it to the recipient.

If recipients fail the authentication challenge

If recipients fail the authentication, or have lost the code, and cannot access your document, what can you do?

  • Resend. Use the resend feature to send a new notification email and give them another chance to pass the validation step.
  • Check the code. If you need to check the recipient’s assigned code, you can see it in the Document details view.
  • Correct. Use the correct feature to modify the document to remove or change the access code requirement.

Access codes and templates

Just as with documents, you can apply access code requirements to template recipients. You can add an access code requirement to a template role or a named person.

With a template, you have the added options to:

  • Make the access code required. Select the Require an access code… option. When the template is used to send a document, the sender must enter an access code for the recipient.
  • Enforce a specific access code. Enter a code, and then set the Advanced Option Don’t allow senders to edit, add, or remove recipients. When the template is used to send a document, the access code you entered is applied to the recipient and cannot be changed or removed.

Combine access codes and recipient authentication

To enhance document security even further, you can combine an access code with a recipient authentication method. Recipient authentication methods include phone, SMS, and knowledge-based ID check. See Recipient Authentication for more info.

Access code and email notification link expiration

For unauthenticated users, as a security measure, the envelope links in email notifications automatically expire after five clicks or 48 hours. Signers can easily request a new link, or, if they have a DocuSign account, they can access the document by logging into their account, even if the email link has expired.

If you add an access code, the code remains the same for any new link generated. If your account security settings require signers to authenticate every time they view documents, then the link will not expire.

For more information on email notification link expiration, see this Support article.

Send feedback about this guide

Jeff Cecchini

Jeff Cecchini

Jeff is the CEO of Advisoran. He has founded numerous successful businesses in the industries of bookkeeping, tax, payroll processing, software development, and construction. He brings this real world experience to guide his clients to their success. His goal is to help entrepreneurs build healthy businesses that improve their lives.
All Posts »

Leave a Comment

Recent Posts