User authentication to log in to SDS Encryption Portal is different depending on whether the user is internal or external.
Internal users enter their e-mail addresses and passwords on SDS Encryption Portal, which sends them to the SDS cloud service. Passwords are sent via an SHA256 hash. The SDS cloud service checks the user’s credentials, so the user can request the keystore. After verifying authorizations, the SDS cloud service makes the keystore available to the user. Once connected, the user can protect or decrypt files.
Every time external users log in to SDS Encryption Portal with their e-mail addresses, they receive a unique access code that remains valid for two hours and is deleted after use. This code allows users to authenticate and retrieve the keystore they need to decrypt the file.
External users who have never been invited cannot log in to SDS Encryption Portal.