Sign in to submit new ideas and vote
Get Started

Multi-factor Authentication

jhill2
jhill2 ✭✭
edited 05/21/24 in Smartsheet Product Feedback & Ideas

In order to mitigate password vulnerabilities and attacks, please add multi-factor authentication to Smartsheet. It's a security best practice and most SaaS applications (such as Smartsheet) already has this integration available.

Share on FacebookShare on Twitter
51
Up
51 votes

On Wishlist · Last Updated

At the start of Q3 2024 we launched email-based one-time passcode based login for all users, offering a more secure alternative to simple email and password logins. We're also planning to introduce an additional second-factor authentication, which, when combined with the email-based one-time passcode, will provide multi-factor authentication.

«1

Comments

  • FredNICB
    FredNICB ✭✭
    edited 04/12/23

    I know when using Azure or Google you can force MFA, but can we require it without the enterprise logins?

    · Share on FacebookShare on Twitter
  • Eric W
    Eric W ✭✭

    +1 for MFA, this will likely end our use and several of our clients use of the product sorry to say if in now 2023 the bare minimum for cyber security is not an option!

    · Share on FacebookShare on Twitter
  • Philip_Munson2023
    Philip_Munson2023 ✭✭
    edited 03/06/24

    Smartsheet needs to offer a built in MFA to protect sensitive information. We are paying allot for this service, we shouldn't have to bring in a 3rd party to integrate MFA.

    · Share on FacebookShare on Twitter
  • Mark Franczyk
    Mark Franczyk ✭✭

    Yes. This is critical. I unfortunately need to discontinue using Smartsheet for my firm, as we have regulatory requirements around MFA.

    · Share on FacebookShare on Twitter
  • Alex Szalkowski
    Alex Szalkowski ✭✭

    Hi, MFA is becoming a standard security process these days. As I am not able to adopt this process being a private user, I am going to need to cancel my subscription.

    Is there any plan to introduce MFA over all platforms in the near future?

    · Share on FacebookShare on Twitter
  • BNSC2022
    BNSC2022 ✭✭

    MFA is a security standard we utilize and the functionality is crucial within Smartsheets. When will thiks be implemented within Smartsheets?

    · Share on FacebookShare on Twitter
  • nicole.turner
    nicole.turner ✭✭✭

    This is a great idea

    · Share on FacebookShare on Twitter
  • Adam Murphy
    Adam Murphy ✭✭✭✭✭✭

    Where is this on the roadmap? It's really inexcusable in 2023.

    · Share on FacebookShare on Twitter
  • Stefan
    Stefan ✭✭✭✭✭✭
    edited 09/11/23

    I chime in to this request as a Smartsheet partner who stumbled 2 times upon MFA requests from customers this year.

    So Smartsheet, I think the voices here are only the tip of the iceberg and it would be great to be prepared when the wave reaches the shore.

    Smartsheet Consulting, Solution Building, Training and Support.

    Projects for Processes and for People.

    · Share on FacebookShare on Twitter
  • Paula D
    Paula D ✭✭✭

    I also requested MFA as our cyber security department requires it. It's true it's pretty unacceptable in 2023, that's it only offered to enterprise customers. Additional security should be free to everyone not just the ones on the most expensive plan. I have a business account and I can't access it. Maybe they should start looking to their competitors who offer it at no charge across all plans....click up, wrike, asana to name a few. My PM's love smart sheet, but we may be forced to use another product if we can't get better security.

    And not even just MFA, they only use TLS 1.2. Industry standard and best practice is TLS 1.3. They just don't seem to be taking cyber security too serious.

    · Share on FacebookShare on Twitter
  • CyberEyeGuy
    CyberEyeGuy ✭✭

    Requesting my vote for consideration, PLUS on behalf of all (insert #) customers who fall in the group of no MFA availability. Between now and Jan 1 2024, many of the new cyber regulations and compliance rules are going into effect that require MFA. What this means is that if MFA is not available for your regulated customers and the covered entities that fall under that bucket will be out of compliance.

    Compliance and a high risk for data breach, legal and privacy issues, and financial and reputational harm are common themes these days and MFA is one of those key controls that is critical and should be prioritized.

    Keep us updated, please!

    Tx

    · Share on FacebookShare on Twitter
  • Paula D
    Paula D ✭✭✭
    edited 10/09/23

    Agreed. I'm getting significant pressure from our cyber department to choose another product because we don't subscribe to the enterprise version and our company blocks gmail so single sign in with gmail isn't an option. Our company uses Microsoft, but I get an error when trying to use single sign on and I've reported that to the company, but I belive Microsoft SS requires an enterprise version to be enabled. I can't believe it's this difficult to get this company to see the importance of this access. I feel like we're back in the days when anti-lock brakes were considered an upgrade. To me, MFA is common sense and the responsible thing to offer to your all of your customers.

    · Share on FacebookShare on Twitter

Categories