Multi-Factor Authentication on Salesforce

Multi-Factor Authentication on Salesforce

Security is always a concern whenever you want to handle something online and Salesforce is no different.? When it comes to Salesforce, the first thing you need to be concerned about is securing your login.?

Just like your bank account, your Salesforce instance has a lot of sensitive information that you would want to be secure from unauthorized access. To protect sensitive data, Salesforce provides the ease to set up Multi-Factor Authentication, or MFA, for all users of a Salesforce org.?

So all in-house users at your business trying to log in to Salesforce products through the user interface must use MFA to secure login attempts.

Here’s a list of products built on Force .com that use MFA:

• Sales Cloud
• Service Cloud
• Analytics Cloud
• B2B Commerce
• Experience Cloud
• Industries Products
• Marketing Cloud—Audience Studio (formerly DMP)
• Marketing Cloud
• Pardot
• Salesforce Essentials
• B2C Commerce Cloud
• Heroku
• MuleSoft Anypoint
• Platform Marketing Cloud—Datorama
• Marketing Cloud—Email Studio
• Mobile Studio and Journey Builder
• Marketing Cloud—Social
• Quip Products
• Tableau Online

What is Multi-Factor Authentication (MFA)?

MFA is an authentication method that needs two or more pieces of evidence to allow a user to log in to Salesforce. Here’s how Salesforce protected systems earlier:

• Salesforce had been using 2FA with Emails & SMS for a long time.
• 2 Factor Authentication comes with the risk of getting access to emails, 2FA devices, and interception of SMS or Phone Call Networks.

MFA is a feature that adds an extra layer of protection against unauthorized and suspicious logins:

• It combines your credentials (username and password) with something you have (a keycard or a mobile device), as depicted in the picture.
• Enabling the Multi-Factor Authentication means that your Salesforce login would need an added layer while logging in, apart from the username and password.?

How is Salesforce Multi-Factor Authentication Helpful?

In a world where credentials are stolen by data breach attempts regularly, Salesforce Multi-Factor Authentication helps you to tackle cyber attacks, keeping your org secure with an added layer of security with an authenticated login.

MFA has become an essential part of the Salesforce security strategy to safeguard organizations using Salesforce. Salesforce username and password do not provide complete protection against critical phishing attacks.?

That’s where MFA will act as a barrier between such cyber-attacks and your account.?

Different Ways of Authorizing Your Account

There are three types of verification methods that you can use to implement Multi-Factor Authentication for your Salesforce account:

• Salesforce Authenticator Mobile App
• Third-Party Authentication Apps
• Security Keys

Salesforce Authenticator Mobile App

Using Salesforce Authenticator App for authentication will help you get notifications whenever anyone tries to log in. You’ll also be notified of the location from where account access is being attempted. You can simply approve or deny the login attempt just with a tap.

The Authenticator app is a mobile application so you can simply download it from the Apple App Store or the Android Play Store.

Third-Party Authentication Apps

This method of verification allows users to verify the identity of the user through a unique temporary code called ‘Time-Based-One-Time Password’ or TOTP. There are different apps that you can choose for this like:

• Microsoft Authenticator
• Google Authenticator
• Authy?
• Duo

Security Keys

Another way of authentication is using a security key, which is a small, physical device like a keycard or USB. You can use this method when you can’t access a mobile device to receive any security codes.

Steps to Implement MFA using the Salesforce Authenticator App

Step 1: Login into your Salesforce account.

Step 2: On the setup page, search for Permission Set.

Step 3: Click New to create a new permission set for the user.??

? Then, enter the label name: Two-factor Authentication

The API name will be automatically generated. Click Save when this happens.

Step 4: After saving, scroll down and click System Permissions under the system section?in the created permission set. Then, click Edit to edit permissions.

Step 5: Scroll down one inside the setup for Permission Sets to look for Multi-Factor Authentication for User Interface Logins and enable the check box next to it as shown below.?

To save the update, click Save.?

This should take you to the permission set page for Two Factor Authentication?

Step 6: On the permissions page for Two Factor Authentication, click Manage Assignments first and then Add Assignments to add users.?

Step 7: Select the user for which enable two-factor authentication needs to be enabled,??then click Assign.

Step 8: Clicking Done will now activate the created permission set.?

Step 9: Log out of your Salesforce account.?

Step 10: Download and install the ‘Salesforce Authenticator’ application from your mobile device’s app market.

Step 11: Open the Salesforce Authenticator app and click Add an Account.

Wrapping Up

Setting up system permissions and authentications is one of the most impactful things you can do to safeguard the business. Many of our clients are already using this,? so get your teams on board today to implement the same.

With an uptick in cyberattacks, it has become more important than ever to take charge of the security of our organization’s accounts. Salesforce MFA is one of the easiest and most reliable methods to combat stolen credentials and unauthorized access.?