How do i force all devices logged into an account to require logging back after password change?
It the 'keep me logged in' option is checked on the login screen, that device stays logged in, even after the account password has been changed. This is a massive security risk if an account is hacked and the hacker selects the 'keep me logged in' option on the login screen. It allows the hacker continued access even after a user has mistakenly thought they have secured their account by changing the password.
Answers
-
Hi @Colton
There currently isn't a way to force a log-out from another device if you are using the Email and Password login option.
If you're on an Enterprise plan with SAML configured, you might explore if this is an option that your SSO provider has. (See: Set Up SAML 2 for Single Sign-On to Smartsheet).
If you're concerned that your Smartsheet account has been compromised, please contact our Security team at the email on the bottom of this page: https://www.smartsheet.com/trust/security
Thank you!
Genevieve
Need more help? 👀 | Help and Learning Center
こんにちは (Konnichiwa), Hallo, Hola, Bonjour, Olá, Ciao! 👋 | Global Discussions
Categories
- All Categories
- 14 Welcome to the Community
- Customer Resources
- 64.9K Get Help
- 441 Global Discussions
- 139 Industry Talk
- 472 Announcements
- 4.9K Ideas & Feature Requests
- 129 Brandfolder
- 148 Just for fun
- 68 Community Job Board
- 496 Show & Tell
- 33 Member Spotlight
- 2 SmartStories
- 300 Events
- 36 Webinars
- 7.3K Forum Archives