Salesforce has announced that Multi-Factor Authentication (MFA) will be required to be enabled for all clients as of 1st February 2022. This means that if your Org is not yet using a suitable MFA method some steps will need to be taken before this date to ensure you’re compliant with the new requirements.
MFA FAQ
Will This Affect My Salesforce Environment?
Yes. If you are using a Salesforce product or leveraging functionality that is built on the Salesforce platform, this requirement will affect authentication for the products you’re using. If you’re already using a suitable MFA method then you may already be compliant and not need to take any action.
What is MFA?
MFA is a security validation process called Multi-Factor Authentication that ensures only the right people log into an account. MFA means your identity when logging in is confirmed by using more than one factor. A ‘factor’ is something that can confirm your identity.
In a typical low-security case like a computer login, a password is the usual factor that people are familiar with using to confirm their identity. MFA adds more security to the sign-in process by requiring two or more factors to confirm that the person logging in is who they claim to be.
Please see the link below for further information on acceptable MFA methods
https://help.salesforce.com/s/articleView?id=sf.mfa_supported_verification_methods.htm&type=5
I don’t want to use MFA, what are my options?
You will need to implement an MFA method. If you don’t want to use a separate MFA for SalesForce, you can look at an SSO solution. Alternatively there may be some other more technical solutions we can help you with depending on your environment. Please contact us and we can let you know what options are available.
I Use Single-Sign-On - Will I Need to Configure MFA?
You will need to confirm if your current SSO method is MFA compliant. If you login to your SSO provider with MFA, your Salesforce Session Settings should be updated to assign a High Assurance status to the SSO provider login method, thus avoiding a 2nd MFA prompt from Salesforce.
What Do I Need to Do?
If your Salesforce environment is not currently configured for MFA, then the upgrade of your security model needs to be planned for and implemented by your organisation prior to the 1st February 2022 date set by Salesforce. If you’re comfortable doing so, you can do this yourself, and if not we can help you through the planning and implementation of the process. Don’t forget service or agent accounts and API authentications.
How Does This Work For Shared Accounts
Salesforce does not endorse sharing user logins, so there’s no simple solution for enabling multi-user MFA. If you get in touch with us we can discuss what licensing and other options may be available to you.
I Don’t Know If I Can Get It Set Up In Time
There are some very simple solutions such as downloading the Salesforce Authenticator App. If you act now there shouldn’t be any problems. Please reach out to us as soon as possible so we can ensure there won’t be any issues for you or your users.
Still Have Further Questions
Ask us, our motley crew are happy to help. Additionally here’s the Salesforce FAQ
