How do i force all devices logged into an account to require logging back after password change?
It the 'keep me logged in' option is checked on the login screen, that device stays logged in, even after the account password has been changed. This is a massive security risk if an account is hacked and the hacker selects the 'keep me logged in' option on the login screen. It allows the hacker continued access even after a user has mistakenly thought they have secured their account by changing the password.
Answers
-
Hi @Colton
There currently isn't a way to force a log-out from another device if you are using the Email and Password login option.
If you're on an Enterprise plan with SAML configured, you might explore if this is an option that your SSO provider has. (See: Set Up SAML 2 for Single Sign-On to Smartsheet).
If you're concerned that your Smartsheet account has been compromised, please contact our Security team at the email on the bottom of this page: https://www.smartsheet.com/trust/security
Thank you!
Genevieve
Categories
- All Categories
- 14 Welcome to the Community
- 10.7K Get Help
- 63 Global Discussions
- 69 Industry Talk
- 385 Announcements
- 3.5K Ideas & Feature Requests
- 55 Brandfolder
- 125 Just for fun
- 50 Community Job Board
- 464 Show & Tell
- 40 Member Spotlight
- 44 Power Your Process
- 28 Sponsor X
- 234 Events
- 7.3K Forum Archives