MFA (Multi-Factor Authentication) is a rising security protocol becoming more and more prevalent in the digital landscape. Salesforce recently announced that moving forward, they will be requiring MFA for all users across all accounts. Now, if you don’t know what that entails, hearing that can be a bit overwhelming. What exactly does that mean? How can I prepare my business for a big security change? Well, that’s why SalesLabX is here, friend. To cut to the heart of it, and make sure we’re all on the same page!
Here’s the thing about digital security: As technology evolves, the security has to as well. Any time an update is made, or a change is implemented, it undoes something that was solid before, or it creates a new hole. Cyberattacks are on the rise, and as a result, measures need to be taken to ensure your security. Sure, it can be frustrating, but unfortunately, such frustrations are unavoidable. Things change, and we have to change with it. Many online services at least *offer* MFA, so you’ve more than likely encountered it and/or used it at some point in your recent history. Let’s look at the specifics of the Salesforce implementation and how it’ll affect you going forward.
All Accounts, All Users, All The Time
This change is affecting everyone on the Salesforce platform. It’s not something you can opt in or out of. It’s being implemented for every account and user going forward.
To many, this might seem a bit drastic, but every unsecured account is a potential security risk. With things like phishing, account snuffing, and other cyberattacks on the rise, it’s imperative that you and your organization do everything possible to protect yourselves. So yes, this is a change that will impact everyone, but it’s necessary to protect you.
Two, Four, Six, Eight! How Can We Authenticate?
There are various methods of authentication that MFA could refer to, but some of those aren’t secure enough to be trusted in this Salesforce update.
Things like one-time codes being sent by text, email, or phone can be vulnerable to things like interception and spoofing, so they’re a no-go. Same goes for security questions, and using trusted networks and devices. Yes, they offer some modicum of security, but they can still be breached with a little effort.
So what does work? Well, the official Salesforce Authenticator mobile app (available on the Apple App Store or the Google Play Store), Time-based one-time passcode (TOTP) authenticator apps, like Google Authenticator™, Microsoft Authenticator™, or Authy™, Security keys that support WebAuthn or U2F, such as Yubico’s YubiKey™ or Google’s Titan™ Security Key, and Built-in authenticators, such as Touch ID®, Face ID®, or Windows Hello™. All of these will be compliant with the new MFA, so be sure to review the options and figure out which one works best for your organization and your team.