Skip to main content
Welcome to Virtru's support portal. As we work to make this page more accessible to screen readers, please contact us at support@virtru.com for technical support.

Security Option: Require Authentication

  • Updated

This feature is enabled by request only

Please contact your Customer Success Manager or Virtru Support to enable this feature for your team.

About

In addition to encrypting messages and attachments, Virtru gives users the ability to apply and manage additional security settings. Among these settings is the option to choose whether their recipients will be required to authenticate before accessing the secure message and files. This feature is called "Require Authentication," (formerly called "One-Click"). 

When an organization has this feature, users have the option to toggle authentication on or off for every secure email they send. If Require Authentication is off, the recipient will not be required to verify their identity to access a secure message. The message will still be encrypted, but once a user clicks the Unlock Message link, they will be routed directly to the content in the Secure Reader. This saves non-Virtru users time and makes it easier for them to access secure content. However, it is not as secure as requiring users to authenticate prior to accessing a message (which is Virtru's default for all secure messages). 

Require Authentication in list of security features

This feature can be applied using our Gmail plugin, the Outlook Desktop Extension (Desktop only), the Outlook 365 Add-in (for Web, Desktop, Mobile), or the Control Center. 

Note

Require Authentication is not available for Virtru mobile apps (iOS or Android), organizations with a Virtru Private Keystore, and cannot be enabled in conjunction with Disable Forwarding, Watermarking, or PFP

Jump to:

Manage Require Authentication - Email Clients
Recipient Experience
Security and Compliance Considerations

Manage Require Authentication - Email Clients

Disable Require Authentication while drafting a secure message

1. Open a new draft and toggle Virtru ON.

2. If you are using Virtru for Gmail, open the Security Options menu. Security options for the Outlook Desktop Extension are visible in the Message tab while composing a message. Security options for the Outlook 365 Add-in are visible once the Virtru add-in is opened and toggled ON.

Security options in a draft

3. Toggle Require Authentication OFF (For Gmail and Outlook 365 users, this will automatically enable a 30 day expiration, but this can be changed). If you are using the Outlook Desktop Extension, toggle "One-Click" on.

Require Authentication in a Draft

4. Compose the rest of your message and Send.

Default State

If you want require authentication to default to OFF for all new secure messages, please contact Virtru Support.

Manage Require Authentication after a secure email is sent

1. With Virtru enabled, open the sent secure message. In Gmail and Outlook 365, expand the Security Options menu. In the Outlook Desktop Extension, these settings are visible in the Home tab of the Inbox view or the Message tab of the popped-out message view.

Security options in a sent message

2. You can then turn Require Authentication (or One-Click) on or off

Require Authentication in a sent message

Recipient Experience

When recipients receive an email with Require Authentication turned OFF, the content will still be encrypted and non-Virtru users will still see the Unlock Message template.

Unlock Message template

When the recipient (or any user with the link) opens the Unlock Message link, they will be routed directly to the decrypted message in the Secure Reader. They will not follow the typical verification process

Secure Reader user logged in as an IP address

In the top right corner (if they have not previously logged into the Secure Reader), they will notice that they are logged in with their IP address.

Users will only be prompted to verify their identity if they want to reply to the secure message. This is required to ensure the authenticity of the source of any content that’s in that Secure Reply and so that the user can receive a copy of their reply.

Verification prompt

Clicking Verify will route a user to the verification screen to begin that process.

Verification page

Security and Compliance Considerations

Virtru's Require Authentication feature is designed to be leveraged as one part of your Security compliance strategy. When Require Authentication is toggled OFF, recipients of Virtru-encrypted messages will be able to access secure email and attachments in a single click. In addition, unlike traditional encryption approaches (eg, TLS, Portal Based solutions), senders and organizations maintain control of email and attachments through on-demand revocation, setting content expiry rules, and fine-grained audit. 

When Require Authentication is toggled OFF, it will remove Virtru's identity verification and automatically add a 30-day expiry by default (you can manually change or remove the expiration date if desired). Removing Virtru identity verification increases the risk that unintended recipients may be able to access Virtru-protected content before the automatic expiry. Any customer considering toggling Require Authentication OFF should consider this risk in the context of their specific use cases for this feature.

Related articles