How Multi-factor Authentication works in Salesforce?

September 28, 2022by Vandana

As the global landscape around digital threats and attacks evolves, businesses need to evolve accordingly. Businesses these days have to remain dynamic and bring in the changes on a constant basis when it comes to their security systems.

Keeping that in mind, Salesforce recently announced that from 1st February 2022 onwards, multi-factor authentication will be made mandatory for all its users accessing their products using the Salesforce UI.

When it comes to addressing security concerns, multi-factor authentication is the easiest way to ensure and enhance your Salesforce security and login safety. Let us learn how your business can adapt to Salesforce’s Multi-factor Authentication easily and ensure a more stringent security system in place to secure themselves.

What is Multi-Factor Authentication?

Multi-factor authentication is an effective and efficient way to expedite the protection of a user’s accounts against common threats like phishing attacks, credential stuffing, and account takeovers.

Although Salesforce is pretty secure already, the multi-factor authentication feature on Salesforce adds a layer of security to the login process for any user. The two or more factors or security features to login and prove their identity. Apart from the usual username and password login, another factor can be an authenticator app or security key.

A good example of multi-factor authentication at work would be using your ATM or logging into your Gmail account as well.

This reduces the probability of an outsider logging into your Salesforce account. The odds of someone logging into your account just by using your password, and someone else also being able to guess the second factor in play is quite less.

How does Multi-Factor Authentication in Salesforce works?

As the world evolves and working from home, remote work picks up the pace for most companies, better digital security arrangements make sense.

The additional step in logging in is fairly simple to use and doesn’t hamper the existing user experience much. Here are the steps which are followed:

  1. Users type in their credentials on the login page
  2. Tap on the login button
  3. A prompt appears using one of the four ways, asking users to verify themselves on the login page.
  4. And, that’s all. The rest of the steps remain the same.

Multi-factor authentication takes into consideration more than one factor that helps someone access and log in to your account. Apart from having a virtual security factor in place, physical means such as-

  1. Salesforce Mobile Authenticator App: The Salesforce Mobile Authenticator App, from the house of Salesforce, is an easy to use app that can enforce MFA’s security just with a few taps. It displays notifications showing where the login attempt is being made, along with buttons to accept or reject the attempt. The app is available on both iOS and Android. It is fast, free, secure and can be easily integrated with your Salesforce UI.
  2. Third-party authenticator app: The third-party authenticator apps allow users to verify their identity by using temporary codes or OTPs (One-time passwords). Some of the third-party authenticator app options that are supported by Salesforce are Google Authenticator, Microsoft Authenticator and Authy.
  3. Security Keys: Coming to the physical methods of multi-factor authentication, one of the primary ways is to do so using a security key. A security key is fast and easy to use. Some of the options for a security key by Salesforce include Yubico’s Yubikey, & Google’s Titan Security Key. A physical security key can be a great option for users who do not have mobile devices or can’t bring mobile phones onto the premises. The only drawback that’s there to a physical security key is its handling and the chances of misplacing it.
  4. Built-in authenticators: A built-in authenticator in a device is fairly simple and uses a device’s built-in capabilities to allow users to verify themselves. This capability of multi-factor authentication enables users to verify themselves by using a fingerprint scanner, or a facial recognition scanner too. The added capabilities for this include Windows Hello, Face ID and Touch ID. However, this function works on Salesforce UI where the built-in authenticator exists.

These are the only four means to log in to Salesforce using multi-factor authentication. The organization has deliberately not included email, text messages and phone calls as a method of authorizing yourself.

This is due to higher chances of SIM card hijacking or the susceptibility of tracking a phone call and intercepting an SMS.

Salesforce requiring customers to enable Multi-Factor Authentication

Salesforce has made it mandatory for its customers to enable multi-factor authentication. The customers are contractually required to enable Multi-Factor Authentication for using and accessing Salesforce products. All Salesforce users who log in to Salesforce, including partner solutions, will now be required to use Multi-Factor Authentication for every login.

You can turn on multi-factor authentication directly in your Salesforce products or use your SSO provider’s existing multi-factor authentication service. The Salesforce products provide the Multi-Factor Authentication functionality at no extra cost to its customers.

One thing to note here is that in case your business hasn’t turned on multi-factor authentication for its users to access Salesforce products, you can still use it. However, the caveat is that technically your business will still be required to do so down the line since it’s a contractual obligation. Salesforce is also planning to enable multi-factor authentication automatically.

Conclusion: Is Multi-Factor Authentication worth it on Salesforce?

Salesforce as an organization has always remained at the forefront of ensuring customer security. Whether it’s their features or the upcoming updates, the focus on user accessibility and security has always been given a priority.

Now that we’ve understood about multi-factor authentication in Salesforce, the question arises- should you use it?

Yes, definitely. The multi-factor authentication feature is a blessing. With the tons of phishing attacks hitting businesses every year, a multi-factor authentication process works like a shield for your business and its interests.

At CEPTES, we’ve been working with Salesforce for more than a decade now. Our team of developers, understand each and every update and its intricate details, further implementing it with your business efficiently.

We’re a global Salesforce service provider helping businesses by adapting them to the functionalities involved with Salesforce and how it can help them go up a notch.

Let’s get in touch today!