Everything You Need to Know About Salesforce Multi-Factor Authentication
If you’re a Salesforce user, you may have received an email from Salesforce saying they will require you to enable multi-factor authentication (MFA) by February of 2022. And... we think that's a good idea! As phishing attacks increase and the global threat landscape continues to change, why wouldn’t you want to implement stronger security measures? Here are answers to some questions you may have about Salesforce multi-factor authentication.
What is multi-factor authentication?
Instead of just a username and password, multi-factor authentication requires two or more pieces of evidence (factors). One factor is something you know, like your username and password. The other factors are verification methods that you have – like an app on your phone or a USB key provided to you.
Why should you want multi-factor authentication?
Usernames and passwords are no longer enough protection. MFA provides an extra layer of protection against threats like phishing, credential stuffing and account takeovers. It often requires a physical object that a hacker won't have access to, like your phone running an authenticator app. This is why Salesforce is requiring this change. They take guarding your data seriously, and phishing is a major cause of unauthorized access to data.
What types of authentication are there?
- Salesforce Authenticator App (Free)
- Third-party TOTP (Time-based One-time Password) App – like Authy, Microsoft Authenticator and Google Authenticator (Free and paid options)
- U2F (Universal 2nd Factor) or WebAuthn Security Key (USB Key, paid option)
- You cannot use Email, SMS text or Phone Calls – these are less secure.
- If you are already using Microsoft Authenticator or Google Authenticator for your network security, you can configure those to authenticate Salesforce access.
- If you are already using Office 365/Microsoft 365, you can easily leverage your existing usernames and passwords to provide a seamless and secure single sign-on and multi-factor authentication experience when accessing Salesforce and thousands of other applications.
Is the Salesforce Authenticator free?
It’s free! The only costs of this new security measure come from setting up MFA and from the change management needed to inform your employees.
What do you need to do to set up multi-factor authentication?
- Research: your MFA options.
- Plan: your rollout strategy.
- Change management: communicate and train.
- Support: establish IT support policies to help users with lost verification methods.
What else should you consider?
Integrations with third-party apps or with external data sources will add to the complexity of your implementation since the integrations will also require tokens and MFA.
Check out this Salesforce article on the MFA requirement. And if you’re thinking about implementing Salesforce MFA, FMT recommends doing a security audit using the Salesforce Security Health Check feature at the same time.