Salesforce Multi-Factor Authentication and What You Need to Know

What is MFA? 

MFA, or Multi-Factor Authentication, is a security measure that enhances login security and guards your org against a multitude of security threats. Chances are you are already using MFA in other ways, like to log in to Facebook or your email account. Even if your password gets stolen or is easy to guess, MFA will protect someone from entering your org and accessing your data.   

Why MFA? 

An increase in security breaches calls for action; so your org, your data, and your users stay protected. If your workforce is remote or hybrid, there is an increased need for stronger security measures like MFA.

MFA requires both of the following verification methods to access your account:

  • Something you know – which is your Salesforce username and password.
  • Something you have – such as an authentication app on your mobile device, or a USB security key.

Salesforce Multi-Factor Authentication Example

Sound familiar? Other common forms of MFA you see in your everyday world would be a boarding pass and ID, or an ATM card and PIN.

What you need to know

Beginning February 1, 2022, Salesforce will require customers to use Multi-Factor Authentication. Your users will not be blocked from logging in at that date, or for 6 months after. However, you will be out of compliance if MFA is not enabled. MFA adds one small log-in step that takes just a few seconds to complete. There is little to no effect on your teams’ workday, but a great effect on the strength of your org’s security. All users will require MFA to log in; if you have Community users or external users, they will not need to use MFA to log in.

Emails and text messages do not work as forms of MFA verification methods. Forms of MFA verification methods are:

  • Third-Party Authenticator Mobile App
  • Salesforce Authenticator Mobile App
  • Built-In Authenticators like Touch ID, Face ID, or Windows Hello

Our team at Port & Starboard recommends and uses 1Password, which is a password manager and an authenticator. If you are interested in 1Password, let us know! We can support your team in purchasing and implementing 1Password as a solution. Before you implement any Multi-Factor Authentication solution for your Salesforce org, consider your companies existing hardware, budget, and tech stack.

Have a successful MFA launch

  • Communicate the changes to your Salesforce users through an email cadence, Slack message, or whatever your team likes best for internal communication.
  • Don’t wait to pick a solution that works best for your team. While you can deploy multiple MFA solutions, planning what users will be using is key to having a speedy adoption and great results.
  • Salesforce Admins prepare!  Admins can start by reading this Admin Guide for MFA or check out this extensive MFA FAQ page.

We are here to help! If you have questions about setting up MFA for your organization or want to discuss additional security measures to protect your users, book a call with us or reach out to your Port & Starboard Lead Consultant. We will be more than happy to discuss all your options.

Alexandra Craig

Alexandra is passionate about operations, making things run smoothly, and improving processes. She has a background in advanced manufacturing and process engineering, which provides the technical background to create unique, well-designed systems. She loves small businesses, national parks, and Fathom Coffee.

Categories

Newest Posts