Salesforce made multi-factor authentication (MFA) mandatory on February 1, 2022. Customers are thus required by the new user agreements to use MFA when accessing Salesforce products.
With this, Salesforce is responding to the constantly growing threat landscape in which trust, integrity and availability of customer data are increasingly vital for companies.
No more access without MFA
The types of cyberattacks that cripple businesses and harm consumers are on the rise. In addition, companies are increasingly relying on remote working environments. This makes it even more important to implement tighter security measures - without compromising the user experience.
"Salesforce takes the protection of its customers' data very seriously, but companies also have a shared responsibility for the security of their data," explains Bernd Drothen, Vice President Solution Engineering Germany & Austria at Salesforce. “An important part of the security strategy is access protection to Salesforce user accounts. MFA is one of the easiest and most secure ways to improve login security and protect business and data. That's why our user agreements now require customers to implement MFA to mitigate the risks posed by threats such as phishing attacks, sign-in form filling, and compromised devices.”
MFA only mandatory from May 2023
MFA is an effective and secure authentication method that adds another layer of security to the login process. Users prove their identity by providing two or more pieces of evidence—or factors—when they sign up. A typical example of this is an additional security code that is sent to the smartphone. Companies that have not activated MFA since February 1, 2022 are no longer compliant with the new user agreement. Salesforce gives its customers time to transition and will not conduct an on-date review. Over the course of this year, however, MFA will be automatically activated in stages. From May 2023, the MFA will then be de facto mandatory.
More at Salesforce.com