Why Salesforce is requiring Multi-Factor Authentication: The Developers Speak: Volume 2, Episode 3

Dakota VanOs – August 10, 2021

The Developers Speak is a video series featuring certified Salesforce consultants at Digital Mass. They come to you twice a month to help bridge the gap between business problems and technical solutions.

In this episode of The Developers Speak, Alex explains why Salesforce will be requiring multi-factor authentication and how you can get your org ready for it.


Hi everyone. I'm Alex Mracek, a Salesforce developer, Digital Mass. Today I want to talk about multi-factor authentication or MFA and why Salesforce is heading that direction. There are also some configuration options to keep in mind. This is really good time to start talking about this because on February 1st, 2022, Salesforce is going to require MFA before accessing their products. First, let's talk about why Salesforce is moving in this direction. Cyber attacks are on the rise and gaining access to a user's accounts is a great way to compromise your system. Phishing attacks are getting better quality and are coming more frequently and having just a standard username and password is not enough. That's where MFA comes in because it's something you have and not just something, you know, in terms of setting up MFA for your org, you can follow the easy steps above, but based on if you have SSO or not, there are some different options to configure how your users authenticate their logins or non-SSO orgs.

You can use Salesforce's free mobile app, which will allow them to authenticate, or you could use a time-based one-time passcode tool like Authy or a U2F security key, like Google's Titan Security Key. For SSO orgs, you can use your identity providers service that they have for MFA, or you can choose to make Salesforce your identity provider, and use one of the other options listed above. MFA is an important tool for securing your data and protecting your users. Salesforce is definitely heading in this direction and although it's not required now, it will be in the future. If we all get ahead of the game, we'll all be better.

Find more information about setting up MFA for your Salesforce org here.

About the developer:

Alex Mracek was Digital Mass’ first hire in 2018. Before he joined DM as a Salesforce Developer, Alex had been working in the technology space for over 5 years and was studying Marketing at Concordia-St. Paul. Once he joined Digital Mass, Alex quickly received his Pardot Consultant and Pardot Specialist certifications. Quite a powerful marketing developer combo if you ask us.

In his free time, you’ll find Alex fishing at the cabin, watching the MN Wild or the Liverpool FC, and playing D&D.