Email-based TOTP login method, now generally available!
Answers
-
Hello @PMO IOS - Email OTP will become available as an additional login option for all plan and user types (unless otherwise configured by SysAdmins on an Enterprise plan).
-
@Lekshmi Unnithan - Thank you for your response! I'm glad to hear we can use tokens in the ODBC connection string, but can you please provide the proper syntax for that? Right now my connection string is as follows:
Driver={Smartsheet Live Data Connector};Server:Smartsheet:Smartsheet user id email;OPTIONS=8188; TYPERULE=0; PATHNAME=1;Uid=[EMAIL REDACTED];Pwd=[PASSWORD REDACTED]
How would I need to change the connection string in order to pass an access token? Thank you!
-
Hi @Krambo - For your Zendesk and Zapier integrations, are you currently using email/password-based authentication or API token-based authentication?
If you're already using API tokens, then, you don't need to make any changes and there will be no impact.
If you're using email/password-based authentication, then, when email OTP releases, you technically don't need to make any changes at that moment. However, when we eventually phase out the password-based login method later this year, your Zendesk and Zapier integrations (and any other API integrations that utilize email/password authentication) will need to transition to API token-based authentication.
-
@JB Retail Collective - I have shared your feedback with the product and engineering teams.
-
@JMSK - we did send end-user communications out already. Can you please shoot a message to your CSM/CS team and have them reach out to me so that we can cross-verify? Or if you would just prefer to share your company name/domain here, that works too.
-
Hi @DanR - thank you for your feedback, I'll share this with our Product and Engineering teams. I did want to clarify that if the user logs into Smartsheet via any login method, then closes their browser, if they try to open Smartsheet again, it will open without prompting another login as long as it hasn't been more that 19 hours since the last activity.
-
Hi @Steve Rohrdanz - I am about to update the main Community post with an updated timing for the release of the email OTP login method. We're now tracking a mid-May release timeframe. Once it is launched individuals can try out the email OTP login method. We also recommend working with your IT teams to add the "notification@system.smartsheet.com" domain to your company's email service provider allowlist to ensure your OTP emails don't get blocked or marked as spam.
As for the timing for deprecating the password-based login method — it will be later this year (however the team hasn't finalized the exact timing yet). We'll make sure to communicate the cutover date in advance when we have more details.
-
Hi @Sam C - Thanks for your feedback! I am about to update the main Community post with an updated timing for the release of the email OTP login method. We're now tracking a mid-May release timeframe.
-
I saw you mentioned a potential 5-10 minute wait to login. I really hope you guys are taking that into consideration when making major changes like this. That's the kind of disturbance that makes businesses want to switch vendors. We have at least 100 users logging in daily, you're talking a possibility of 8-16 hours of time wasted waiting to get a login code every single day.
-
@Samuel Mueller - The recommendation to wait 5-10 minutes to request a new code is only for rare cases when there is a severe delay in email delivery due to network congestion or issues with email servers. In most cases, receiving your OTP email should only take a little bit of time.
In certain corporate environments, network restrictions might block or delay emails from external sources. That's why we recommend checking in with your IT department to ensure that Smartsheet emails under notification@system.smartsheet.com aren’t being blocked within your company’s network.
-
Thank you for the clarification @Lekshmi Unnithan
-
This is something we need to plan for, if you are still moving forward with it. It will break a great deal, so at a minimum I need timelines I can depend on. Before you were targeting beginning of May, now you are targeting the end of may. (though I would prefer it never happened at all).
What is your timeline for release and more importantly, What is your timeline on the phase out of the fallback account Password auth. -
@Lekshmi Unnithan I verified that emails have been received. Thank you for the followup
-
Hi @Dan Britton - I reached out to our team responsible for the connector and this is what they said:
"Assuming a system DSN, the connection string would look like this:
DSN=Smartsheet;Server=Smartsheet: roscoe.cairney@smartsheet.com;UID=roscoe.cairney@smartsheet.com;;OPTIONS=57340;TYPERULE=2;PATHNAME=1;You might be able to just add
PWD=access_token_valueto it, but if you'd rather keep the access token out of the string, you can also load the pwd into the registry.For a 64-bit system DSN on a 64-bit system called
Smartsheet, you could create a string registry key atHKEY_LOCAL_MACHINE\SOFTWARE\ODBC\ODBC.INI\Smartsheet\Pwdand set the value to their access token value.Additionally, you can check out this writeup about the registry changes required to store the password safely outside the connection string"
Let me know if this answers your question.
-
@Lekshmi Unnithan - That worked, and definitely answers my question. Thank you again for going above and beyond to help me adapt my code to the upcoming login changes. Most appreciated!
Categories
- All Categories
- 14 Welcome to the Community
- Customer Resources
- 64.8K Get Help
- 434 Global Discussions
- 138 Industry Talk
- 470 Announcements
- 4.9K Ideas & Feature Requests
- 129 Brandfolder
- 148 Just for fun
- 65 Community Job Board
- 486 Show & Tell
- 33 Member Spotlight
- 2 SmartStories
- 300 Events
- 36 Webinars
- 7.3K Forum Archives
