Starting on February 1, 2022, Salesforce is requiring multi-factor authentication on all Salesforce products. If your org doesn’t already have this feature enabled, you will need to configure and test this before that date. If you’re unfamiliar with MFA, we’re here to help.
What is Salesforce Multi-Factor Authentication (MFA)?
Multi-Factor Authentication is a security measure that requires extra methods for identifying a user, before they are granted access to the system. This is a similar principle to Two-Factor Authentication (2FA). The primary difference is that 2FA requires two steps, MFA requires 2 or more.
Why is MFA Required?
There is a constant battle between service providers and malicious users. As phishing attacks, data breaches, and other attacks increase, service providers have an obligation to keep their platforms secure. In order to stay ahead of these kinds of attacks, Salesforce has long provided additional authentication options. Now they have made the decision to require all customers to secure their org via MFA.
The interesting thing about multi-factor authentication is that it combines something a user has (like the Salesforce Authenticator app) with something the user is (like a biometric scan on their mobile device). These additional layers of security prevent unauthorized users from gaining access to your org or data.
How do I Enable MFA?
Unlike 2FA, MFA requires a strong verification method. A text or email code isn’t strong enough to prevent a malicious party from gaining access. There are several options for your strong verification:
- The Salesforce Authenticator mobile app
- Time based authenticator apps (like Google Authenticator or Microsoft Authenticator)
- Security keys (like YubiKey or Titan Security Key)
The steps to enable MFA are fairly simple. Depending on which type of verification method you choose, there are some simple steps to follow. Salesforce has outlined them in this article.
Some final tips:
- Make sure you develop a plan for your rollout. Users will need to be notified and educated on the process.
- Record trainings and messaging as necessary. The process for users is very simple, but it helps to have clearly outlined steps.
- If you have a large number of users, it may help to roll out in stages/groups/teams. This will help you adequately train and support smaller groups over time.
- As with any project, make sure you measure success. You can monitor the adoption of MFA across your org. Set goals and a timeline.
If you have any tips or questions, make sure to leave them below.