Helping you keep your data and users protected

Invision Community is designed with both security and privacy in mind, allowing you to control exactly who can see what. Plus, our tools help you to meet your legal obligations.

Permissions in Invision Community
Group Permissions

Permission flexibility built-in

Invision Community has dozens of permission controls for member groups. Configure exactly what each group can do - post polls, upload attachments (and how big they can be), rate content, use tags and a whole lot more.

Content areas have their own permissions too. Decide exactly which groups can see, read, post, rate or review content within it. Want a forum just for your most active members, or a gallery category only staff can post in? No problem.

Private Communities

Built-in support for private communities

Building an intranet community, or just don't want anything to be publicly viewable? Invision Community supports private communities by optionally requiring users to sign in before being able to see any part of your site. You can also review registrations before enabling the account, or disable registrations entirely if you want more control over who can get in.

GDPR tools in Invision Community
User Privacy

Tools to assist with GDPR compliance Updated

The new EU General Data Protection Regulation (GDPR) imposes new requirements on communities handling personal data from EU citizens. Invision Community can help you comply with these regulations - and user privacy best practices in general - with a number of data protection tools, including:

  • Custom privacy policy
  • User data erasure
  • Informed consent to receive emails
  • Cookie acknowledgement on first visit
  • Cookie information page
Two-Factor Authentication in Invision Community
Google Authenticator
Two-Factor Authentication

Keep accounts secure with 2FA

Two-factor authentication (2FA) is built into Invision Community to provide an additional layer of security for user accounts. When performing certain actions, such as logging in, they'll be prompted to enter a code from their phone or answer security questions to verify their identity. 2FA can be enabled for all users, or just the member groups you're most concerned about, and be optional or required.

Google Authenticator icon Authy icon
Device Management in Invision Community
Device Management

Protect accounts with alerts for unusual activity

Account security is critical in any organization, so users can review the devices on which they are currently logged in to check for suspicious activity, as well as receive an email alert whenever a new device logs in using their details. Administrators can review the devices in use for any user and choose to disable automatic sign-in for any of them, to protect the user and the community.


Secure password hashing

Invision Community implements industry-standard Blowfish hashing for storing user passwords, protecting your users from password theft.

Brute-force protection

Invision Community supports brute-force protection, ensuring an account is locked temporarily if too many incorrect attempts are made to log in.

Password strengths

Optionally require that user passwords meet a strength rating, ensuring good passwords are used. Or, choose to make it advisory instead.

Comprehensive logging

Easily review what staff have done with data in the AdminCP, thanks to comprehensive logs that Invision Community automatically maintains.

Start your own community today from $45/mo

Buy now Try a demo