Everything You Need To Know About the MFA Requirement

Alex Colburn – October 19, 2021

We’ve talked a lot about security this year. Especially about the Salesforce MFA requirement. Whether you’ve watched us speak about Salesforce SSO or been on the Mail Privacy Protection (MPP) journey with marketers, it’s been top of mind.

Or maybe you've noticed something MFA-related on the Salesforce Marketing Cloud login page. For the last several months, Salesforce has been prompting users to enable the new multi-factor authentication (MFA) feature. That’s because beginning February 1, 2022, Salesforce will require customers to enable multi-factor authentication in order to access their products.

 

salesforce marketing cloud, vs pardot, multi-factor authentication, mfa, privacy, protection, mandatory update, salesforce consultants, developers, admin updates, administrator

In this article, we’ll dive into why Salesforce will be requiring users to enable MFA, what the benefits are, and how to satisfy the requirement with different configuration options.

Why Salesforce is requiring MFA

Salesforce will be requiring MFA because of the volume of security threats that have been occurring. According to Google’s Safe Browsing report, the number of phishing attacks went up 80% in 2020 alone. Not only are they more frequent, but they’re also higher quality.

It’s no longer enough to have a standard username and password to protect your information from phishing attacks. So while this may seem like a big adjustment to some, it’s an important step in the process of securing the confidential information behind your login page.

What is the benefit of multi-factor authentication

Multi-factor authentication is an effective way to increase protection for user accounts against cyberattacks like phishing, credential stuffing, and account takeover. With MFA, there’s an added layer of security because it’s something users have or are and not just something they know. 

There are four different factor types that users can use to login in with MFA. The factor types fall into four categories about something users:

  • Know: username and password
  • Have: a physical object such as a security token (USB) or key
  • Are: physical characteristic of the user (biometrics); includes fingerprint, iris scan, voice
  • Or, somewhere they are: connected to a specific network or GPS location

For example, when logging in after enabling MFA, users might need an additional device to authenticate the login on a device. 

How to satisfy the MFA requirements

If you’re the dedicated Salesforce administrator or developer, most of the responsibility for implementing MFA will be yours. Depending on the number of users and requirements around compliance there are it can take a while to fully roll out. If the requirement is not met by February 1st, 2022, users will not be able to access Salesforce’s products until is. To prevent any delays, you should start planning for the change now.

To satisfy the requirement, you’ll have to do one or both of the following options:

  • Enable MFA for users who log in to Salesforce products (including partner solutions) through the user interface.
  • Use single sign-on for Salesforce products, including partner solutions. If you decide to implement SSO, Salesforce will require customers to enable MFA for your identity provider. 

Reach out to our team of certified Salesforce consultants if you have any questions about this new requirement. Contact us.