Authentication and security changes

While the Grantmaking core solution is accessed through your Blackbaud ID (BBID), the Grantee Portal and Review Portal use different log-in information and different security standards to protect user identities. As of August 1, all authentication and security features are available for these accounts.

Grantmaking Module User type Blackbaud ID Multi-factor authentication (MFA) Password complexity requirements
Grantmaking core solution Grant Administrators Yes Mandatory
 Yes
Grantee Portal (Outcomes-enabled) Applicants/Grantees Yes Mandatory
 Yes
Grantee Portal (Standard) Applicants/Grantees No Optional Yes
Reviewer Portals Reviewers No Optional
 Yes

Multi-factor authentication (MFA)

In Blackbaud ID (Grantmaking and Outcomes Grantee Portals)

Users of the Grantmaking core solution and the Outcomes Grantee Portal can enable multi-factor authentication in their Blackbaud ID settings (https://signin.blackbaud.com/userprofile).

As of August 1 of 2023, Grantmakinghas begun enforcing multi-factor authentication (MFA) for users that log in with a Blackbaud ID. This requirement will be gradually introduced to different users, and your organization will experience these changes in the days following August 1. We encourage you to enable MFA before these changes to avoid any interruption of your work flow; you can enable MFA ahead of time at https://app.blackbaud.com/user/ .

These changes will not affect:

  • Users who have already enabled MFA for their Blackbaud ID

  • Applicants, grantees, or reviewers who have organization-specific accounts.

For more information, see Multi-factor authentication for Blackbaud ID.

Funder-specific accounts (Reviewer Portals and Grantee Portals)

Multi-factor authentication is an option that can be enabled for Reviewer Portals and Grantee Portals. Administrators can require every portal user to verify their identity through a second authentication mechanism, i.e. their email address. To access the multi-factor authentication option in the portals:

  • Reviewer Portal: In the Reviewer Portal, navigate to Admin, Preferences, Security. See Reviewer Portal Security preferences.

    The Reviewer Portal is hosted at https://<organization>.goreviewers.com, where <organization> is the site ID of the funding organization. You can also navigate to the Reviewer Portal from the Grantmaking core application by navigating to Reviews, Reviewer Portal.

  • Funder-specific Grantee Portal: In Grantmaking navigate to Applications, Forms manager, Settings, Account Designer. See Account Designer.

    Funder-specific grantee portals are hosted at https://www.grantrequest.com/?sid_####, where #### is the funder's four-digit Grant Application Site ID.

Password complexity requirements

Passwords for Reviewer and Grantee accounts must meet the following requirements:

  • At least 12 characters long

  • Combines at least three of the following character types:

    • Uppercase

    • Lowercase

    • Numeric

    • Special (!, ", #, $, %, &, ', (, ), *, +, ,, -, ., /, :, ;, <, =, >, ?, @, [, \, ], ^, _, `, {, |, }, ~)

  • Cannot include the user name, funder name, or common dictionary words

  • Cannot match any of the previous six passwords

These passwords expire after one year.