Sign in to submit new ideas and vote
Get Started

Multi-factor Authentication

Options

In order to mitigate password vulnerabilities and attacks, please add multi-factor authentication to Smartsheet. It's a security best practice and most SaaS applications (such as Smartsheet) already has this integration available.

49
49 votes

On Wishlist · Last Updated

We love this idea too! While it's not a part of our current plan, this is exactly the kind of thing our team is thinking about every day. When we believe we can make this idea a reality, we'll plan to update the status here.

«1

Comments

  • FredNICB
    FredNICB ✭✭
    edited 04/12/23
    Options

    I know when using Azure or Google you can force MFA, but can we require it without the enterprise logins?

  • Eric W
    Eric W ✭✭
    Options

    +1 for MFA, this will likely end our use and several of our clients use of the product sorry to say if in now 2023 the bare minimum for cyber security is not an option!

  • Philip_Munson2023
    edited 03/06/24
    Options

    Smartsheet needs to offer a built in MFA to protect sensitive information. We are paying allot for this service, we shouldn't have to bring in a 3rd party to integrate MFA.

  • Mark Franczyk
    Options

    Yes. This is critical. I unfortunately need to discontinue using Smartsheet for my firm, as we have regulatory requirements around MFA.

  • Alex Szalkowski
    Options

    Hi, MFA is becoming a standard security process these days. As I am not able to adopt this process being a private user, I am going to need to cancel my subscription.

    Is there any plan to introduce MFA over all platforms in the near future?

  • BNSC2022
    Options

    MFA is a security standard we utilize and the functionality is crucial within Smartsheets. When will thiks be implemented within Smartsheets?

  • nicole.turner
    Options

    This is a great idea

  • Adam Murphy
    Adam Murphy ✭✭✭✭
    Options

    Where is this on the roadmap? It's really inexcusable in 2023.

  • Stefan
    Stefan ✭✭✭✭✭✭
    edited 09/11/23
    Options

    I chime in to this request as a Smartsheet partner who stumbled 2 times upon MFA requests from customers this year.

    So Smartsheet, I think the voices here are only the tip of the iceberg and it would be great to be prepared when the wave reaches the shore.

    Smartsheet Consulting, Solution Building, Training and Support.

    Projects for Processes and for People.

  • Paula D
    Paula D ✭✭✭
    Options

    I also requested MFA as our cyber security department requires it. It's true it's pretty unacceptable in 2023, that's it only offered to enterprise customers. Additional security should be free to everyone not just the ones on the most expensive plan. I have a business account and I can't access it. Maybe they should start looking to their competitors who offer it at no charge across all plans....click up, wrike, asana to name a few. My PM's love smart sheet, but we may be forced to use another product if we can't get better security.

    And not even just MFA, they only use TLS 1.2. Industry standard and best practice is TLS 1.3. They just don't seem to be taking cyber security too serious.

  • CyberEyeGuy
    Options

    Requesting my vote for consideration, PLUS on behalf of all (insert #) customers who fall in the group of no MFA availability. Between now and Jan 1 2024, many of the new cyber regulations and compliance rules are going into effect that require MFA. What this means is that if MFA is not available for your regulated customers and the covered entities that fall under that bucket will be out of compliance.

    Compliance and a high risk for data breach, legal and privacy issues, and financial and reputational harm are common themes these days and MFA is one of those key controls that is critical and should be prioritized.

    Keep us updated, please!

    Tx

  • Paula D
    Paula D ✭✭✭
    edited 10/09/23
    Options

    Agreed. I'm getting significant pressure from our cyber department to choose another product because we don't subscribe to the enterprise version and our company blocks gmail so single sign in with gmail isn't an option. Our company uses Microsoft, but I get an error when trying to use single sign on and I've reported that to the company, but I belive Microsoft SS requires an enterprise version to be enabled. I can't believe it's this difficult to get this company to see the importance of this access. I feel like we're back in the days when anti-lock brakes were considered an upgrade. To me, MFA is common sense and the responsible thing to offer to your all of your customers.