Two-Factor Authentication and SAML SSO Are Here
Your event data is only as safe as the logins protecting it. Today we're shipping two security upgrades that larger teams have been asking for: two-factor authentication and SAML single sign-on.
Both are live now. Both are managed by your organisation owner, right from your settings. And both were built the same way we build everything — secure by default, with as little friction as we could get away with.
Two-factor authentication, without the daily nag
Two-factor authentication (2FA) adds a second check at login: after your password, you confirm a 6-digit code from an authenticator app on your phone — Google Authenticator, Microsoft Authenticator, 1Password, take your pick. Even if someone gets hold of your password, they're not getting in.
The usual complaint about 2FA is the ritual: another code, every single morning. So we made it adaptive. Tick Trust this device for 30 days when you enter a code, and that browser stays quiet for a month before asking again. You'll see every trusted device listed on your security page — what it is, when it was last used — and you can revoke any of them in one click. Revoke, and it's back to being challenged within minutes.
You also get 10 one-time backup codes the moment you enrol. Phone at the bottom of a portaloo on day one of bump-in? A backup code gets you in, and you can re-enrol from there.
For organisation owners on Business and Enterprise, there's one more switch: Require two-factor authentication. Turn it on and every member of your organisation has 7 days to enrol — we email everyone who hasn't, show a reminder banner in the app, and after the deadline, setup is required before they can keep working. Your Security settings page shows exactly who's enrolled, so you can see stragglers coming.
One deliberate choice: enforcement covers your organisation's members — not your contractors. Field crews on a 6am install don't need a new hurdle between them and their sign list. Contractors can absolutely enable 2FA on their own account; they're just never blocked by your policy.
SAML single sign-on, for Enterprise
If your company runs Microsoft Entra ID, Okta, or another SAML 2.0 identity provider, your team can now log in to Signplanr with their corporate credentials — no separate password, no separate offboarding checklist.
Setup is a settings page, not a services engagement. Your organisation owner opens Settings → Single sign-on, pastes your IdP's metadata URL, enters your company's email domains, and picks the role new users should get. Everything your IT team needs on their side — ACS URL, Entity ID, SP metadata — is right there with copy buttons, alongside a step-by-step guide they can follow for Entra ID or Okta.
From then on:
- Login is automatic. Anyone who types a work email on your domain at the login page gets a Continue with SSO button and authenticates with your IdP.
- Provisioning is automatic. First-time logins are added to your organisation on the spot, with the role you chose. New starter gets access to the IdP app, they have Signplanr — no invitations to send.
- Existing accounts carry over. Team members who already used a password keep their role and their history; their membership simply moves to their SSO identity the first time they sign in with it.
- You can go all-in. Flip Require SSO and password login is blocked for your domains entirely — access to Signplanr is then governed by exactly one system: yours.
And because your IdP already enforces its own MFA policy, SSO users are never double-prompted by Signplanr's 2FA. One policy, one prompt, no overlap.
Availability
- Two-factor authentication — Business and Enterprise plans. Personal setup takes about a minute from Account → Security.
- SAML single sign-on — Enterprise plan. Owners set it up from Settings → Single sign-on.
The full details live in our Help Centre: setting up 2FA, requiring 2FA for your organisation, and setting up SAML SSO. If you're weighing up Enterprise and want to talk SSO, get in touch — we'll walk your IT team through it.
Signs get installed at 4am by people you've never met, using logins created in a hurry. Now the logins, at least, can be the least of your worries.
Get signage tips & product updates
Join event professionals getting practical insights on signage management. No spam, unsubscribe anytime.
Or start for free and manage your event signage today.