Skip to main content

Security
1 follower
0 questions
10 posts

Interested in this Topic?
Signup up now to follow this topic, join the discussion, and always stay updated.

2FA

Why hasn't Pipedrive implemented industry standard 2Fa usign Google Authenticator or Authy?  Instead, everytime I log in to pipedrive, I have to switch to emaila nd search for the authorization. Very annoyign and makes me want to cancel my subscription.

 

Also, in this support form, if I click the survey poll option, all of my comments are erased.

New: Account lockdown after too many failed login attempts🔒⛔

Why?

To make the Pipedrive's login process even more secure in regards to external threats.

For whom?

This feature is available for all plans and should be rolled out to all users by the end of this week.

How does it work?

  • 3 consecutive failed login attempts (wrong email+password combination)
  • Your account locked for 24 hours
  • You immediately receive an email to unlock account
  • Correct email+password combination lets you log in

  • You can unlock the account using "forgot password":

🧑‍🏫 Learn all about this feature in our Knowledge Base tutorial.

➡️ Learn more about our Security Features from the... (More)

Now live: account lockdown after too many failed login attempts 🔒

🎉 UPDATE: This feature is now live, see more here.

-------------------------------------

How will it work?

The account is locked if a wrong password is entered a certain number of times during a certain time period.

Why?

To make the Pipedrive login process even more secure in regards to external threats.

For whom?

This feature will be available for all plans.

➡️ Learn more about our Security Features from the Knowledge Base and the Pipedrive Academy.

➡️ Pro tip: join our Research and Beta Testing channel for the chance to try out early versions of new and improved features.... (More)

Honey pot to prevent SPAM

I posted this earlier, but perhaps not in the right feed.

We received some SPAM meeting invitations. Since the contact information (name, email, phone) are not auto-populated with the recipient's info, someone can enter info and create SPAM invitations. Also, since the meeting invitation is a link, the link can be forwarded to others or used by bots to create SPAM.

Two enhancements might help:

  1. If the contact info could be auto-populated with the recipient's contact info from the Person record.
  2. A honey pot to prevent bottoms from completing forms.
  3. Other ideas?