Skip to main content
All CollectionsProjectsSettings
Security settings of the project
Security settings of the project

Enhance project security with mandatory 2-step verification, restriction by IP or domain, and more

Updated over a month ago

In the Security settings, project administrators can review and define the security parameters of their project.

Support access

In this section, administrators can authorize the Ideals support team to access their project for the selected period of time. Support access is disabled by default but can be changed at any time if you need assistance with your project.

💡 When authorized, the support team can manage project settings, view all reports and participants, and manage document structure and permissions, but cannot view or download the documents' contents.

2-step verification

Administrators can enable 2-step verification, which will be mandatory for all project participants, including administrators. With this setting enabled, users are required to verify their identity with the second factor to access the project.

Upon enabling 2-step verification on project level, then:

  • All participants, both active and deactivated, will have it automatically enabled.

  • All new participants will be invited with the 2-step verification enabled by default.

  • Administrators can't disable 2-step verification for a specific participant, including themselves.

If you disable 2-step verification on project level, corresponding settings will be updated for all participants. Yet, if a user has enabled 2-step verification on their personal account, they will still be required to verify their identity upon sign-in. Any user can change their personal Security settings if needed.

Allowed domains and IP addresses

With the Business subscription, administrators can set additional sign-in restrictions:

  • Allowed domains: specify corporate email domains from which users can sign in to the project.

  • Allowed IP addresses: list IPs or ranges from which users can access the project, for example, only from an office location or corporate computer with VPN.

Email verification

With the Enterprise subscription, administrators can also enable email verification for additional validation of the user's access to their email address.

When enabled, users are required to enter a one-time code sent to their emails to gain access to your project, according to the selected period:

  • Once a day

  • Once a week

  • Once a month

To remove this restriction for specific users, there are 2 additional fields:

  • Trusted emails: list of users that should not be asked for the email code.

  • Trusted domains: list of email domains that should not be asked for the email code.

For example, it can be useful to facilitate access for administrators or any other trusted participants.

💡 Users will not be additionally asked for an email code to access the project if they sign in to their account with:

Did this answer your question?