Skip to main content
Understanding Secure Links
Updated over a week ago

What's in this Article

What Are Secure Links?

Secure links are a new technology that enhances some of our features to help finish different tasks in Canopy. This lets any non-portal user securely access a resource, when they need to sign, view, or even upload files. Canopy emails a secure one-time use link, giving a user access to a resource (no login required) to complete tasks.

What Canopy Features Use Secure Links?

Canopy helps you have the firm you’ve always wanted by developing tools to help reduce friction to complete work between your firm and clients. Secure links do exactly that. Here are a few features in Canopy that use secure links:

We plan to apply this technology to other existing and future features in Canopy.

How Do They Work?

When you fill in a person’s name and email, Canopy sends a secure link that gives them access to the resource and can complete any tasks associated with it. By design, these links let the user access only the resource/location assigned to them, and nothing else. If you give a user access to view a specific file, they won’t be able to see anything else. They can only access these links for a limited time. The specific timeframe depends on what you send the user.

Example: If you send an eSign secure link to a user, it will expire 30 days after the day you sent it. They can access shared files with others for up to two weeks. You can still view these files and tasks in the client portal after the links expire. A link to log in to the client portal shows after the expiration date for the client. We recommend that if you need to view tasks after the expired timeframe, log into the client portal.

How Secure Are They?

In the realm of information security, the overall integrity hinges upon the identification of the most susceptible access point. For those seeking a concise solution, a link is generated utilizing a secure and unpredictable string. Consequently, the safety of these links is contingent upon the security of the recipients' email accounts and the network through which the link is accessed.

From a technical standpoint, our links are generated using a secure, encoded 256-bit string, translating to 52 characters. Notably, the industry standard for secure temporary links typically employs 128-bit strings or 26 characters; however, we have opted to double this measure for enhanced security. Probability theory underscores the extraordinary odds of someone successfully guessing the URL at one in 1.6X10^92. Consequently, the weakest link in the security of your links resides within the email and the associated network infrastructure. Unauthorized access to the link can only occur if the information is intercepted from the network in use, a vulnerability that may be exploited on public or insecure networks, or in the event of email compromise through hacking.

To fortify the security of links and associated information, consider the following measures:

  1. Secure network connections.

  2. Strengthen your email account security through the implementation of 2-factor authentication (2FA) and robust passwords.

Additionally, it is advised that emails containing secure links explicitly instruct users not to forward them, as such actions may compromise the overall security posture.

Did this answer your question?