Two-factor confidence for confidential documents
Links get forwarded. Emails get cc'd to people who shouldn't see your term sheet. A password gate is the simplest, most effective way to ensure that only authorized recipients access your most sensitive fund documents. One extra step for the recipient, complete peace of mind for you.
Start your free trialYou share a confidential term sheet with a co-investor via a shareable link. They forward it to their associate. The associate shares it with a friend at a competing fund. Within 48 hours, the economics of your deal are circulating across Sand Hill Road. This isn't a hypothetical — it happens constantly in venture capital, and a simple URL provides zero protection against it.
Archstone's password protection adds a critical security layer to every shared link. When you enable a password, anyone who clicks the link sees a branded gate that requires the correct password before the document loads. You share the password separately — via text message, phone call, or Signal — so even if the link gets forwarded, unauthorized viewers hit a locked door.
Combined with link expiry and per-recipient tracking, password protection creates a defense-in-depth approach to document governance. The link expires after your deadline, the password blocks unauthorized access in the meantime, and your analytics show you every failed attempt so you know if someone tried to get in without credentials.
Set a unique password for each shared link. Different recipients can have different passwords, so if one gets compromised you revoke that single link without affecting anyone else's access to the same document.
Share the document link via email and the password via text or phone call. This two-channel approach means that intercepting one communication channel isn't enough to gain access to your confidential fund materials.
Every incorrect password attempt is logged with timestamp, IP address, and device information. See exactly when and from where someone tried to access your document without authorization so you can assess whether a link has been compromised.
Configure a maximum number of password attempts before the link locks itself automatically. After five failed tries, the link becomes inaccessible and you receive an alert. Brute force attacks are stopped before they start.
Change the password on any active link without generating a new URL. Useful when you suspect a password has been shared beyond the intended recipient. The existing link stays live, but everyone needs the new password to get in.
Stack password protection with link expiry for defense in depth. A term sheet link that requires a password and expires in 72 hours gives you two independent layers of access control on your most time-sensitive confidential documents.
Term sheets contain your most sensitive deal information — pricing, pro rata rights, board seats, protective provisions. Password-protect every term sheet link and share passwords only via phone call. The link expires after your signing deadline, and failed attempts trigger instant alerts.
Side letters with MFN clauses and preferential economics must stay between you and the specific LP. Per-link passwords ensure that even if an LP's assistant clicks the link, they can't access the document without the password you shared directly with the principal.
When sharing portfolio company financial models with prospective co-investors during a follow-on round, password protection prevents the data from reaching competitors. Rotate passwords after each diligence phase and audit the access log to confirm only authorized viewers got through.
Archstone's link management dashboard shows all active password-protected links in one view. You can see which links have passwords set, rotate any password with a single click, and filter by document or recipient. There's no need to track passwords in a spreadsheet.
When a recipient clicks a password-protected link, they see a clean, fund-branded page with a password field. They enter the password and immediately access the document viewer. It takes about five seconds and requires no account creation or app download on their end.
Yes, and we recommend it for confidential materials. A link that requires a password and expires after a set period gives you two independent security layers. Even if someone obtains both the link and password after your deadline, the expired link returns a "no longer available" page.
There is no self-service password recovery for recipients — this is intentional for security. If a recipient loses their password, you can either share it again directly or rotate to a new password and send them the update. You stay in full control of access at all times.
14-day free trial. No credit card required.
Start your free trial