What is Salesforce MFA?
Updated: Apr 22
Passwords are no longer a sufficient means of security as the number of cyberattacks continues to skyrocket. For this reason, beginning February 1, 2022, Salesforce will begin to require customers to Multi-factor Authentication (or MFA), in order to access their products.
With the world of technology and cyber security ever-changing, rockITdata and Salesforce are committed to easing your technological journey. Check if your implementation satisfies the MFA Requirement here. If you have questions, we can help!
How MFA Works:
MFA requires a user to validate their identity with at least two factors when logging in. One factor is something the user knows, such as their username and password. Other factors are verification methods that the user has in their possession such as a security key or authentication app. The chance of a cyberattack into your account drops significantly when your account is safeguarded by both a password and these secure verification methods.
Salesforce offers some innovative MFA solutions that provide a balance between strong security and convenience.
Salesforce Authenticator Mobile App: A fast, frictionless solution that makes MFA verification easy via simple push notifications that integrate into your Salesforce login process. Use this app in your MFA implementation to increase security while driving a better user experience.
Third-Party Authenticator Apps: Authenticate with apps that generate temporary codes based on the OATH time-based one-time password (TOTP) algorithm. There are many apps available, including Google Authenticator, Microsoft Authenticator, and Authy.
Security Keys: These small physical devices are easy to use because there’s nothing to install and no codes to enter. Security keys are a great solution if mobile devices aren’t an option for your users. Salesforce supports USB, Lightning, and NFC keys that support the WebAuthn or U2F standards, including Yubico’s YubiKey and Google’s Titan Security Key.
Built-In Authenticators: Easy MFA verification using a desktop or mobile device’s built-in authenticator service, such as Windows Hello, Touch ID, or Face ID.