What is multi-factor authentication in Salesforce?
Multi-factor authentication in Salesforce is one of the safest ways to prevent unauthorized access to a personal account in any electronic medium. Due to the combination of different data and methods used to verify who is trying to access it, it is considered multifactorial.
In order to access the account, users need to use something they have when accessing. Commonly, they use an app that generates codes on the mobile phone, besides their username and password.
A popular analogy used to describe Multi-factor Authentication is an ATM. For example, when you use an ATM, you need your credit or debit card and a pin. Once your identity has been verified through these two factors, you can carry out the desired operation.
The impact of MFA on users
One of the main objectives of Multi-factor Authentication is to protect all the content of your organization. Therefore, you should proceed with caution in how we will enable this form of authentication.
Having a manual that describes why it is necessary, how to configure it and the advantages, is vital to have a positive impact on all users. It will allow them to be prepared for the transition, translating this into a more secure organization.
How MFA works in Salesforce
One of the advantages that Salesforce has when implementing MFA is its ease of use. It even provides a tool developed by them to facilitate implementation.
Salesforce offers you the Salesforce Authenticator mobile app as an option. This does not mean that it is the only one available. We can also use temporary code generator applications such as Google Authenticator and Microsoft Authenticator.
We can also use physical keys to verify our identity when accessing Salesforce. For people who do not have mobile devices, or for environments where you can’t use a phone, this is the perfect option. Some of the compatible keys are Yubico YubiKey and Google Titan.
Steps to implement MFA in a Salesforce Organization:
- 1. Make sure that MFA is active in the configuration options of our session. Create a permission set in which we will assign a reference name to the MFA activation.
- 2. Within the Permission Set we created, we mark Multi-Factor Authentication for User Interface Logins and save.
- 3. Then, we proceed to add the users that MFA will activate. This step is quite crucial since the users that we select will not be able to log in to the organization without first configuring MFA.
General recommendations regarding the activation of MFA:
When registering the Salesforce Authenticator app you will use the same phone number to reset accounts. Keep in mind you must report to your Salesforce Admin when:
1. You didn’t back up your accounts
2. You lose the phone where you have the Salesforce Authenticator app installed.
The Salesforce admin will be able to unlink your account. When you own a cell phone again, repeat the above process to be able to sign in again.
If you want to start your Salesforce journey and protect your organization’s data, contact us today!
Salesforce Developer at Digital Partner. I am passionate about everything that surrounds the world of IT, in my spare time I like to take photos and play video games.