Authentication Details

SmartPM provides authentication provides either built-in authentication via username and password.

Customers may additionally chose to enabled Single Sign-On to control authentication through an external, third-party provider such as Microsoft Entra SAML, Okta, etc. User access and role assignment is controlled within the SmartPM product, and both SP- and IDP-initated authentication flows are supported.

Local Authentication Specifications

Password Complexity

All passwords must meet the following requirements:

Must be between 8 and 30 characters
Must have 1 uppercase letter
Must have 1 lowercase letter
Must have 1 number
Must have 1 special character

Brute Force Resistance

SmartPM does not lock out a user from attempted brute forcing.

Password Hashing

All passwords are hashed utilizing a one-way hash using Bcrypt.

Session Expiration

User-interface sessions expire after 30-minutes of inactivity.

Single Sign-On (SSO) Authentication

We can support SSO based on either SAML (preferred) or OIDC. If you would like to configure SSO please reach out to support@smartpm.com.

Multi-Factor Authentication (MFA)

SmartPM does not natively support MFA, if you are required to have MFA then we highly suggest you use a external authentication provide and leverage SSO.