The Signing password authentication method requires a recipient to enter a password that the agreement's sender provides. Passwords as a security method are well understood and easily adopted by recipients that might find more complex authentication methods daunting.
The sender defines the signing password when they compose the agreement, and it must be communicated to the recipient by some out-of-band process (Phone call, email, text).
The default authentication process challenges the recipient to validate their identity by entering the agreement's signing password in a text field.
Once the authentication is passed, the recipient is granted access to view and interact with the agreement.
If the recipient closes the agreement window for any reason before completing their action, they will have to re-authenticate to resume.
The Signing password authentication method is available to all service plans with no costs associated.
When Password authentication is enabled, the sender can select it from the Authentication drop-down just to the right of the recipient's email address.
The audit report clearly indicates the recipient entered a valid password:
If the agreement is canceled due to the recipient being unable to authenticate, the reason is explicitly stated:
Signing password authentication has two sets of controls, which are available to be configured at the account and group levels:
The option to use Signing password authentication can be enabled for senders by navigating to Send Settings > Identity Authentication Methods
Email templates, like the post-signature verification to the recipient, can contain a link to the original agreement on the Acrobat Sign servers:
By enabling the Use password when viewing the agreement after it has been signed setting, any attempt to access the agreement via link will be challenged to enter the same password that was used to verify the recipient's identity.
This setting is embedded into the agreement when it is created. Changing the setting does not change the experience for agreements that are already in process.
If the identity verification password for the recipient is changed, the authentication to view the agreement via link adopts the new password as expected.
The challenge process is exactly the same as the original recipient authentication process:
The agreement will not open for viewing until the correct identity password is entered.
There is no option to edit or disable the password authentication after the recipient has signed and completed their action.
The agreement signing password has three control options that can be configured by the admin on the Security Settings page under the Agreement Signing Password section:
The setting values are:
► None - Requires the password to be set with at least one non-whitespace character
► Standard - Requires a minimum of 6 characters
► Medium - Requires a minimum of 7 characters
► Strong - Requires a minimum of 8 characters
If you do not see the Security Settings available in your menu, verify that the authentication method is enabled on the Send Settings page.
Individual tier accounts do not have access to the Security Settings tab. For these accounts, the Standard setting value is applied (a minimum of six characters).
Customers in the Acrobat Sign for Government environment do not have access to adjust the document password strength. These accounts must use a password consisting of at least 14 characters, including at least:
If the settings restrict the number of password authentication attempts, and the recipient fails to authenticate that number of times, the agreement is automatically canceled.
The agreement's originator is sent an email announcing the cancelation with a note identifying the recipient that failed to authenticate.
No other parties are notified.