Keeping your account safe is priority number one here at Sync.
For example, your password is never transmitted or stored, even when you use the Sync web panel. In fact, your password never leaves your computer. We don’t have access to your encryption keys either, which means only you have access to your data. That’s the basis for zero-knowledge encrypted cloud storage and it works well.
However, even with zero-knowledge encryption, your account can become vulnerable if you use weak passwords, or reuse your passwords across multiple websites or services. Your account is only as secure as your password, and that’s why we’re launching two-factor authentication.
Enabling two-factor authentication adds an extra level of security on all web-based Sync.com features. Once enabled, Sync will either email you a six digit code after you enter your password, or you can use an authenticator app like Google Authenticator on your phone to get the code. Two-factor authentication also overrides Sync’s single sign on (SSO) feature when logging into the web panel from the desktop app.
Even with two-factor authentication enabled, it’s still important to use strong passwords, and keep a vigilant watch for phishing sites or malware that may try to fool you into giving up your password. We recommend you enable two-factor authentication for Sync, and on any other websites that support it. Two steps are better than one when it comes to authentication.
Two-factor authentication can be enabled or disabled from the web panel, under the account settings / security tab. Detailed setup instructions here.