Salesforce multi-factor authentication adds an extra layer of protection against common threats like phishing attacks, credential stuffing, and account takeovers. It is a secured authentication method that requires users to prove their identity by supplying two or more pieces of evidence when they log in. One factor is the username and password, and other factors are verification methods that the user has in their possession, such as a security key. MFA makes it harder for threats like phishing attacks and account takeovers to succeed.
Salesforce has announced that from February 1, 2022, Salesforce will begin requiring customers to enable MFA in order to access Salesforce products. MFA will be available to the customers at no extra charge. In this blog, CloudVandana will describe the setup process of Salesforce Multi-Factor Authentication for the organization.
Salesforce Multi-Factor Authentication Steps
Users can select any or all of the verifications as per requirements.
It is a free mobile application that integrates the login process. Users can verify their identity through push notifications.
Third-Party Authenticator App
Third-party authenticator app generates unique, temporary verification codes that users type when prompted. This code is called a time-based one-time password or TOTP. Users can pick from a large variety of options, including Google Authenticator, Microsoft Authenticator, etc.
Logging in with this option is easy and first. Users can simply connect the security key to the system by pressing the key’s button to verify their identity.
Following are the steps that should be followed to set up MFA.
1. Set the session security level
Users should go to the session setting and make sure that Multi-Factor Authentication is in high assurance.
2. Create a permission set
In this step, a new permission set should be created. Users can click save and confirm the changes.
3. Permission Set to Users
In this step, a permission set should be assigned to users. For testing purposes, it can be assigned to the users.
4. Setup and Install the Authenticator App
Username and password should be used to log in-Salesforce will prompt the users to connect Salesforce authenticator to the desktop-The phrase should be entered into the two-word phrase field- click connect- now the users are logged into the account.
5. Post Installation Procedure
In this step, users will get details of everyone who is using the Salesforce MFA. If any user lost the device, the user won’t be able to access the Salesforce account. In such cases, Admin can go to the user detail screen and click Disconnect next to App Registration. If any user wants to permanently remove MFA, admins can remove the permission set for the user.
Do you have any further queries about Salesforce multi-factor authentication? Please feel free to contact CloudVandana for any Salesforce requirements.
Digital Marketing Manager at Cloudvandana Solutions