Flexible Authentication Controls and Access

With nine different ways to authenticate users, Echoworx enables security without sacrificing usability or negatively impacting business processes.

Portal Authentication (also known as Pull Delivery)


  • Social Login using OAuth

    Echoworx offers a growing list of social connectors, including Office 365, Google, Salesforce, Facebook, LinkedIn, among others to authorize access to secure emails. Your customers simply log in using their existing social network credentials.

  • SSO (Single Sign-On)

    Leverage your existing web portal to access encrypted email using our Single Sign On API (SSO). With SSO, your customers log in to your portal, using their existing password, and click on a ‘Secure Mail’ button authenticating and granting them access to their encrypted mail.

  • 2FA (Two-Factor Authentication)

    Two-Factor Authentication requires your recipients to first log in to their account, and additionally verify their identity using a secondary code (through Google Authenticator, or SMS) before gaining access to their secure messages.

  • Fast Passwordless Access

    With Echoworx you can leverage existing passwordless safeguards built-in on your customers’ devices, like fingerprint scanners and other biometric measures, to validate and permit access to secure messages.

  • Sender-Set Password for Secure Rapid One-Offs

    The employee, sender, sets a password and simply clicks ‘send.’ The receiving person enters the password to gain instant access to their secure message and all accompanying attachments, with full save and reply functions.

  • Out of Band

    This method allows users to send an encrypted message with a one-time, per-message password that the sender communicates out-of-band (via phone, in-person or snail mail). The sender can also include an optional hint.

  • No Authentication

    Allows people outside your organization to send sensitive information securely inbound to you, without having to register an account. You simply provide a link (via email or website) that directs customers to a secure message-portal.

  • SMS Application or Sender Enabled

    When your organization enables SMS for authentication, the recipient receives a message pickup notification by email. Following the link, they are presented with an option to have a verification code sent to their mobile phone via SMS which then grants access to the message and/or attached document.

PDF & Attachment Authentication (also known as Push Delivery)


  • Sender Set

    Messages are encrypted with a password set by the sender at the time of sending. The user then receives a notification to login to the portal and must enter the password set by sender, which can be shared out-of-band or be a known value between the two parties.

  • User Managed

    Using Echoworx’ self-provisioning portal, external users can self-register, set and manage their own password to access encrypted emails. Additionally, they can set language and delivery preferences.

Download the Technical Validation now

Learn more about Echoworx' user-focused email encryption capabilities for enterprise

Read Now