Donorfy Security Centre


Keeping your Donorfy secure and maintaining security is always a high priority for system administrators, and to help you do just this the Security Centre Dashboard will provide you with the information you need.

What information does it provide?

An overall security rating 

The overall security rating is from E (low) to A (high) and is based on a number of factors, such as inactive user accounts, two-factor authentication enabled, email addresses not matching your email domain name, and how many system administrators there are in your Donorfy. A helpful suggestion is provided on-screen as to how you can better your rating.


Two Factor Authentication

How many and which of your users have not yet 2FA enabled, you can then send them a nudge by email to and perhaps include this link in your email.

In fact, what even better is that you can do this directly from within the Security Centre Dashboard! 

Under the section at the top of the security centre, there is an option to email users without 2FA enabled - click on the down arrow, add any additional text to the Email Body and then press send. 

Your users will then receive an email into their inbox asking them to enable 2FA - brilliant! 


The fewer users who do not have 2FA enabled, the better your security rating.


Inactive Users

Has a user left your organisation recently, or you have stopped working with an agency and you have forgotten to close/delete their account? 

Within this section, you can see who has not logged in within the last 90 days, as well as those who have never signed in. (You can also see this under Settings > Users)

Delete the genuine inactive accounts - or else disable logins for these users - to maintain your security and increase your rating. 


Unrecognised Email Addresses

Within Settings > Account is the main contact for your organisation. The domain (the bit after the @ in an email address) in that email address is then used to determine the usual domain for your Donorfy. Any users who do not have the same domain will be highlighted. We know that some of these will be genuine, so there is an option to ignore an email address. 

The fewer unrecognised email addresses, the better your security rating.

If your Unrecognised Emails number is showing a negative number or does not add up correctly, click 'Reset Ignored Emails' and re-ignore the users that you recognise.


User Roles

Within this section is a numerical summary of how many users sit within a certain User Permission Role (viewer/standard/admin). Whilst it's always advisable to have more than 1 system admin (in case one is leaves or is off work for a period of time), having lots of system admins is not.

You can review user permissions as per this article: User Permissions





Where can you locate it?

The Security Centre can be found under Settings > Security Centre


Who has access to the Security Centre?

System Administrators will have access to the Security Centre




Please sign in to leave a comment.
Powered by Zendesk