> ## Documentation Index
> Fetch the complete documentation index at: https://docs.sinosend.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Control File Access with Passwords, Expiry, and Roles

> Manage who can access your Sinosend files with passwords, expiry dates, per-recipient revocation, team roles, and two-factor authentication.

Encryption keeps your files unreadable in storage and in transit — access controls determine who is allowed to open them in the first place. Sinosend gives you a full suite of tools to define, restrict, and revoke access at any level: per transfer, per recipient, or across your entire team. Critically, most of these controls can be changed after a transfer has already been sent.

## Password protection

Adding a password to a transfer means that clicking the download link alone is not enough. The recipient must also enter the correct password before the file becomes accessible.

### Add a password at transfer creation

<Steps>
  <Step title="Start a new transfer">
    Click **New Transfer** from your Sinosend dashboard.
  </Step>

  <Step title="Upload files and add recipients">
    Add your files and enter each recipient's email address.
  </Step>

  <Step title="Expand Security settings">
    In the transfer settings panel on the right, click **Security** to expand it.
  </Step>

  <Step title="Enable Password protection">
    Toggle **Password protection** on, enter your chosen password, and click **Send**.
  </Step>
</Steps>

### Add, change, or remove a password after sending

<Steps>
  <Step title="Open the transfer">
    Go to **Dashboard** → **Transfers** and select the transfer you want to update.
  </Step>

  <Step title="Go to Security settings">
    Click the **Security** tab on the transfer detail page.
  </Step>

  <Step title="Update or remove the password">
    Enter a new password to change it, or toggle **Password protection** off to remove it entirely. Click **Save** — changes are instant.
  </Step>
</Steps>

<Tip>
  Share passwords through a different channel than the download link itself. For example, send the link by email and communicate the password by text message or phone call.
</Tip>

## Transfer expiry

By default, transfers expire after a set period. On paid plans, you can extend expiry to a specific future date or disable expiry entirely so a link remains active indefinitely.

<CardGroup cols={2}>
  <Card title="Set a specific expiry date" icon="calendar-check">
    Choose an exact date in the transfer settings. The link automatically deactivates at midnight on that date, without any action required from you.
  </Card>

  <Card title="No expiry (paid plans)" icon="infinity">
    Leave the expiry field blank to keep a transfer active indefinitely. This is useful for recurring document access or long-running projects.
  </Card>
</CardGroup>

To update the expiry on an existing transfer, open the transfer → **Settings** tab → adjust the **Expiry date** field → **Save**.

<Warning>
  Removing an expiry date means the link stays active until you manually revoke access or delete the transfer. Review long-lived transfers periodically to make sure access is still appropriate.
</Warning>

## Per-recipient access revocation

You can remove one recipient's access without affecting the download link for any other recipients. This is useful when a contact leaves an organisation, a deal falls through, or access was granted in error.

<Steps>
  <Step title="Open the transfer">
    Go to **Dashboard** → **Transfers** and click the relevant transfer.
  </Step>

  <Step title="Open Recipients">
    Click the **Recipients** tab on the transfer detail page. You will see every email address the transfer was sent to.
  </Step>

  <Step title="Revoke access">
    Click **Revoke** next to the recipient you want to remove. Their access is cancelled immediately — any subsequent attempt to open the link will be blocked.
  </Step>
</Steps>

<Note>
  Revoking one recipient does not affect other recipients' access. If you want to disable access for all recipients at once, use the **Deactivate transfer** option in the **Settings** tab instead.
</Note>

## Role-based access control for teams

When working with a team inside Sinosend, you assign each member a role that defines what they can see and do. Roles are applied at the account level and govern access across all transfers within that account.

| Role       | What they can do                                                                                                       |
| ---------- | ---------------------------------------------------------------------------------------------------------------------- |
| **Admin**  | Full account access — manage team members, adjust billing, configure account settings, create and manage all transfers |
| **Editor** | Create new transfers, manage and edit any transfer in the account, access all uploaded files and analytics             |
| **Viewer** | Read-only access — can view transfers and analytics but cannot create, edit, or delete anything                        |
| **Guest**  | External reviewer — can view shared content and leave comments; cannot create, manage, or access account settings      |

### Assign a role to a team member

<Steps>
  <Step title="Open Team settings">
    Go to **Account Settings** → **Team**.
  </Step>

  <Step title="Invite or locate the member">
    Click **Invite member** to add a new person, or click the name of an existing team member.
  </Step>

  <Step title="Select a role">
    Use the **Role** dropdown to select Admin, Editor, Viewer, or Guest.
  </Step>

  <Step title="Save changes">
    Click **Save** (or **Send invite** for new members). The role takes effect immediately.
  </Step>
</Steps>

<Tip>
  Follow the principle of least privilege: assign the lowest role that allows a team member to do their job. Promote to Editor or Admin only when needed.
</Tip>

## Two-factor authentication (2FA)

Two-factor authentication adds a second verification step to your login — even if someone obtains your password, they cannot log in without also having access to your authenticator device.

Sinosend 2FA works with any TOTP-compatible authenticator app, such as Google Authenticator, Authy, or Microsoft Authenticator.

### Enable 2FA on your account

<Steps>
  <Step title="Open Security settings">
    Go to **Account Settings** → **Security**.
  </Step>

  <Step title="Enable 2FA">
    Click **Enable 2FA**. Sinosend displays a QR code.
  </Step>

  <Step title="Scan the QR code">
    Open your authenticator app, select **Add account** or the **+** icon, and scan the QR code shown on screen.
  </Step>

  <Step title="Confirm the setup">
    Enter the six-digit code shown in your authenticator app into the confirmation field on Sinosend, then click **Verify**. 2FA is now active on your account.
  </Step>
</Steps>

<Warning>
  Save your backup codes when prompted. If you lose access to your authenticator device and have no backup codes, you will need to contact support to regain account access.
</Warning>

## Audit trails

Every action taken on a file or transfer — upload, download, preview, share, revocation, deletion — is recorded in a tamper-evident audit log. Each log entry includes:

* **Timestamp** — exact date and time of the action (UTC)
* **Actor** — the Sinosend user or recipient who performed the action
* **IP address** — the network address from which the action originated
* **Geo-location** — the city and country associated with the IP address
* **Action** — a description of what was done (e.g. "File downloaded", "Password changed", "Access revoked")

### Access your audit trail

Go to **Dashboard** → **Transfers** → select a transfer → **Activity log** tab. For account-level logs covering all transfers and team actions, go to **Account Settings** → **Audit log**.

<Tip>
  Export audit logs as CSV from the Activity log tab for integration with your own compliance or SIEM tooling.
</Tip>
