2fa or similar options

Allan Avigdor1

Is there anyway to secure our accounts with 2fa or the like? 

Kennedy Stomps

Hi Allan--

 

We don't currently off the ability in-app to require Two Factor Authentication when users log in to Smartsheet but I've added your vote for this to our enhancement request list and our developers will consider it for a future update. We appreciate your input!

 

In the meantime, SysAdmin on Enterprise plans, or on Team Plans who purchase our Security Add-On package, have the ability to set up SSO/SAML authentication with Smartsheet. More information on this can be found here. Let me know if you have any questions on this!

Mark Fern

I've recently encountered a situation where an Enterprise would benefit from in-app 2FA.

We have SSO/SAML implemented and we auto-provision non-licensed users in our domain. We use OneLogin for SSO and it's integrated with Duo for 2FA, thereby enforcing 2FA for all 3rd party tools for all users. In keeping with this secure framework, the only authentication method allowed for Smartsheet is SAML.  

We also work with external consultants on project, and they are not part of our domain. The alternatives we have are to: (1) provide an LDAP account on our domain, or (2) allow email+pw authentication, which would poke a hole through our implementation of mandatory 2FA for smartsheet users. 

+1 for Smartsheet to add 2FA inside the app. Perhaps the Google Authenticator system is a consideration.  

James Johnson-Miller

Hi Smartsheet,

2FA with Yubico would be our preferred solution. Would be interested where this security measure fits into your roadmap. 

Thanks

James

D Domine

Hello Mark - 

Our team is working to get OneLogin going.  Would you or someone else in your company be available to help share some best practices or pitfalls to avoid?  Thanks in advance,   _David w/Christian Brothers Automotive