On February 1, 2022, Salesforce will require customers to use Multi-Factor Authentication (MFA) in order to access Salesforce products. All internal users who log in to Salesforce products (including partner solutions) through the user interface must use MFA for every login. We encourage clients who haven't started planning for this change start now, and where possible, begin implementing MFA.
To ensure that MFA is required for all your Salesforce users, you can turn it on directly in your Salesforce products or use your SSO provider’s MFA service. Salesforce products include MFA functionality at no extra cost.
Why is Salesforce enforcing MFA?
Customer trust is the highest priority at Salesforce. The global threat landscape is constantly evolving, and the types of attacks that can cripple a business and exploit consumers are on the rise. It's more important than ever to implement stronger security measures. Which is why Salesforce is announcing a future requirement for all customers to enable MFA. MFA is one of the easiest, most effective tools for enhancing login security, and safeguarding your business and data against security threats.
MFA vs 2FA
You may be more familiar with the concept of two-factor authentication, or 2FA. MFA and 2FA both protect against unauthorized access by requiring a user to provide multiple authentication factors to prove their identity. The only difference between them is the number of factors that are needed to log in. MFA requires two or more factors, providing options for many combinations of authentication mechanisms. 2FA, on the other hand, is a subset of MFA that requires two factors only.
What you need to do!
We strongly encourage you to setup select your organizations verification method and set up mobile devices for MFA before the deadline in order to minimize disruptions.
Obtain a verification method
- Salesforce Authenticator Mobile App
- Microsoft Authenticator
- Google Authenticator
Once MFA has been enabled:
Register the method to connect it to your Salesforce Account. Again, Salesforce makes it easy as the registration process is automatically initiated the first time a user logins once MFA has been enabled.
Finally, use the verification method at each login to verify your identity
We strongly encourage you to setup your mobile device for MFA before the deadline in order to minimize disruptions.
Have questions? Wave6 can help, just reach out to our team using the form below. Learn more on Salesforce Multi-Factor Authentication at https://help.salesforce.com/s/articleView?id=000352937&type=1