PDF Receipts/Reports

When you send a receipt or giving report, a pdf version will now accompany the email. This printable version of the email contents removes the gray background and zig-zag element and is easy to print.

In the same update, we modified how recurring gifts are treated in gift receipts. From here forward, only the latest charge is on the receipt, not the entire giving history. Showing every payment instance becomes a bit much for a weekly giver, for example. The receipt is to show recent activity; for fuller history, a report can be generated by the donor from their account login.

Year-End Giving Report

Donors can access a report of their giving for the year by logging in to their donor account at www.givingtools.com/login. Once logged in, they simply select the Gifts tab and then click the “Send me a giving report” button.

Managers can also send a giving report to everybody who has donated in the past year. To do that, click Accounts in your dashboard, then scroll down to the Giving Report section. You can customize the message that accompanies the report here, too.

Cancelling a Recurring Gift

If a donor has a recurring gift they would like to cancel, they can cancel it by logging in to their donor account at givingtools.com/login. Once in, they can click the Gifts tab, find the gift in question, and click the “Cancel Recurring” button beside the gift.

Managers are also able to cancel gifts on behalf of donors. Simply find an instance of the gift in Reports, click the more button (…) and click Cancel Recurring beside the gift.

If you have any questions or need help cancelling a gift, you can also reach out to GivingTools support (support@givingtools.com). We are happy to cancel a gift on your behalf and can deal with any other unique request you may receive.

The Help section of your dashboard includes a Guide for Users that also outlines the process.

Expanded Connectivity and Export Options

We’ve been working to create more connectivity with popular platforms and to offer additional data export options.

Here’s the run-down:

In Export, select the format called “Quickbooks” for a Quickbook-friendly database export.

In Export, select the format called “MailChimp”. You can select the appeal, dates, and amount ranges to export contact infor for donors that fit your criteria.

Attendee List
If you would like to snag a list of attendees for an event appeal, select the “Attendee List” format in Export.

Deposit Information
Would you like to know when your donations were deposited in your bank account? Simply view all your history, then click Export. Select the “Include Deposit Information” option. Your export will now include the date each gift was deposited and the total amount of the batch it was included in.

Coming Soon: Salesforce
We are deep into a direct integration with Salesforce. Once completed, you will be able to automatically sync your GivingTools activity to Salesforce.

Zapier is a popular connectivity platform that enables you to connect GivingTools to a host of other platforms that are Zapier-compatible. This is a do-it-yourself option, if you want to make a connection that we do not overtly offer. To access this option, visit Help in your dashboard, click Zapier in the navigation, and click to gain access.

GivingTools Now Offers Free Text to Give

We’re pleased to announce that text to give is now offered on the GivingTools platform.

This new feature is easy to use…and we are providing it at no additional cost to our customers.

To activate text to give, simply scroll down to the Short Code section of your giving page (or edit any giving form and scroll to the Short Code section). There, you can enter a short code for your giving page or giving form. You can also customize the text message that donors receive.

To use text to give, your donors simply text the short code to the toll-free number. They then receive a texted reply that shows your text message, along with a link that takes them directly to your giving page or form. It’s that easy!

Google Analytics integration!

Many of you have been asking for it, and now we have it. Last month, we added support for using Google Analytics on your giving pages and forms!

All you have to do is get your Google Analytics tracking ID (which will look similar to this: UA-XXXXXXXX-X), and put it in the new section of the settings page.

That’s it! Once you’ve added the tracking ID, you should start seeing visitors in your Google Analytics account.

Payment failure status

Today we released a slight improvement to the reports interface: payment failure notices!

Before, you would see displayed on all gifts that haven’t been canceled or completed. However, this was a problem when gifts would fail to recur for some reason. While managers and donors would receive an email informing them of the situation, the interface would continue to say “Active”.

So today we introduced payment failure statuses:

While past payment failures will read “Fail: Unknown”, all new payment failures will have the reason listed in the reports page. Donors will also see this status in their accounts.

As always, donors can update their payment method and the gift will attempt a new installment.

We are planning a large revamp of the reports interface in the near future. Stuff like searching for gifts, filtering by status, managing them from the donor view in Accounts, and more stuff like that. Soon™.

Password Strength

Password Strength

When people are tasked to come up with a good password, often people will take some phrase or their mom’s name, switch a few characters around, and add a special symbol to the end. However, contrary to popular belief, this is actually a really bad password! The purpose of this post is to educate people on what a good password actually looks like. But first, let’s look at what sort of methods crackers use to break into people’s accounts.

Brute force

The brute force method is the one where a cracker will go through every possible combination of characters and check each one against your account. So first they’ll try “a”, and if that doesn’t work, they’ll try “b”, and if that doesn’t work, they’ll try “c”, and so on. And once they run out of letters, they try numbers. And then they try multiple letters: “aa”. I think you get the idea. For short passwords, this method is often effective. However, each additional character increases the amount of time to break the password exponentially.


In this method, an attacker will utilize known passwords (often obtained from a data breach) to try to break into one’s account. As these passwords are known to have been used before, it’s much more likely that another person used it as well. Have I Been Pwned offers a great tool that checks if a password has appeared in a data breach before.

GivingTools automatically checks your password against Have I Been Pwned.

So what is a good password?

A good password is one that is computer-generated. This doesn’t mean the password needs to be hard to remember, rather the password must have a sufficient amount of entropy to be considered secure.

One common method for secure password generation is Diceware. Diceware involves rolling a number of dice (5 or so), and from the results, looking up a word in a public word list. Do this 5 or so times, and you have a 5 word password. Now you may be thinking, if the word list is public, isn’t this susceptible to dictionary attacks? The key thing here is that you picked the words at random, this leaves approximately 1019 different passwords. Checking each one of these would actually turn into a brute force attack and due to the scale, is computationally infeasible.

The key thing to remember is that when you look at a password, you can’t really be sure how secure it is (those password strength meters are lying to you). We assume the attacker knows how the password was generated, be that Diceware or a password manager. What’s important is that there was a sufficient amount of entropy put into the generation algorithm. Usually around 20 bits is considered the bare minimum for password security, but more bits is always better!

So if you think you have a good password, try typing it into HIBP and you might be surprised! (Normally I wouldn’t recommend typing your passwords into another site, but this is the one site you can trust :).)

Passwordless Giving, No Captcha Checkouts, and More!

Today, we released a complete redesign of the GivingTools checkout experience. Not only will donors no longer have to enter a password to make donations, but they also won’t have to select road signs from a bunch of pictures!

What we’ve done: we’ve merged the second and third steps of the checkout experience into one step. In this new, consolidated step, donors fill out your custom fields, enter their email address, provide billing details, and select their payment method. They can also review their donation finally before hitting the checkout button.

No password is needed, not for the first gift, the seond, or the 200th. You will still need a password to access your account history, though. This update will add a new level of convenience that many have requested without reduction of the security of your data. In fact, your data is more secure through our passwordless system than using the old system!

We’ve also removed the captcha requirement. Instead of prompting every donor to pick out road signs, we created what we like to call the “Advanced Fraud Detection System.” While its implementation details are a trade secret, what we can tell you is that if it detects a bad guy, it’ll make them mine cryptocurrency! Furthermore, this tactic is easily scaleable. The more “badness” it detects, the more computational power will be required to continue. We hope that this method will ensure that legitimate donors will never have to complete a captcha and will experience a more streamlined checkout experience.

Previously, a donor’s account could only have one recurring payment method. This caused concern as manually entering a recurring gift would end up overwriting the donor’s existing recurring payment method. Furthermore, we required donors to log in first to prevent anyone from overwriting the donor’s account. To solve this problem, we added the ability for each gift to designate its own payment method. This allows manual entered gifts to use a separate payment method as well as allowing anyone to make a gift and not risk modification of the donor’s account.

With this update, we’ve also added the long-awaited recurring receipts! For each installment of a gift, the donor will receive a receipt outlining the gift’s history, total billed, and the tax deductible amount.

More convenience. Higher security. We’re working hard to constantly improve GivingTools, and we appreciate your feedback!