Multi Factor Authentication

Multi Factor Authentication (MFA) is a feature that prevents unauthorized access to users' accounts. An organization's priority is to protect its users' data and defend it against cyber attacks. Multi factor authentication adds an extra layer of security to protect the Salesforce account and its data.

Users need to prove their identity by providing two kinds of information:

  • Something that the user knows (username and password)
  • Something that the user has (authenticator app or security key)

MFA makes it harder for attackers to succeed: they may steal the username and password, but they still do not have the second factor, i.e. the authenticator app or security key, and this protects users against phishing attacks.

MFA was formerly known as 2FA. There are various methods for authentication in MFA.



Steps Involved To Enable MFA

Step 1: The first step to enable MFA in your org is to create a permission set.



Step 2: Assign this permission set to the User.



MFA implementation is divided into three phases:

  • Get Ready
  • Roll out
  • Manage



Step 3: Now, when the user logs in to Salesforce, it will ask them to connect the Salesforce Authenticator app.



Users need to download and install the Salesforce Authenticator app on their mobile phones. They can download the app using the following links.

For Android: https://play.google.com/store/apps/details?id=com.salesforce.authenticator&hl=en_IN&gl=US

For iOS: https://apps.apple.com/us/app/salesforce-authenticator/id782057975

Now the user needs to connect their account to the Salesforce Authenticator app.

Step 4: Go to the Salesforce Authenticator app on your mobile phone. Add your Salesforce account by clicking the Add account button; the app will show a two-word phrase, for example: fine desert.

Step 5: Enter that phrase on the login screen.

Step 6: Click Connect.

Step 7: It will ask the user to verify the account on the mobile phone.



Step 8: Click Connect on the mobile phone. The account is now successfully added, and the user will automatically be logged in to their Salesforce org and see their home screen.
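Steps 1 and 2 can also be scripted and audited. The Anonymous Apex below is an added example, not part of the original article or Salesforce's own code: it creates the permission set, lists active users who do not yet have MFA enforced through any profile or permission set, and optionally assigns it. The permission set name and label are hypothetical, and it assumes the permission meant in Step 1 is "Multi-Factor Authentication for User Interface Logins" (field PermissionsForceTwoFactor).

```apex
// Added example (Anonymous Apex). Name and label are hypothetical; the
// article does not name the permission set it creates in Step 1.
String psName = 'MFA_For_UI_Logins';   // hypothetical API name
Boolean assign = false;                // false = report only, no assignment

// Step 1: create the permission set once. Assumption: the permission is
// "Multi-Factor Authentication for User Interface Logins".
List<PermissionSet> found =
    [SELECT Id FROM PermissionSet WHERE Name = :psName LIMIT 1];
PermissionSet mfaPs;
if (found.isEmpty()) {
    mfaPs = new PermissionSet(Name = psName, Label = 'MFA for UI Logins',
                              PermissionsForceTwoFactor = true);
    insert mfaPs;
} else {
    mfaPs = found[0];
}

// Users who already have the permission. Profile permissions appear here
// too, because each profile owns a permission set assigned to its users.
Set<Id> covered = new Set<Id>();
for (PermissionSetAssignment psa : [
        SELECT AssigneeId FROM PermissionSetAssignment
        WHERE PermissionSet.PermissionsForceTwoFactor = true]) {
    covered.add(psa.AssigneeId);
}

// Step 2: find active standard users without MFA enforcement.
List<PermissionSetAssignment> pending = new List<PermissionSetAssignment>();
for (User u : [SELECT Id, Username FROM User
               WHERE IsActive = true AND UserType = 'Standard'
               AND Id NOT IN :covered]) {
    System.debug('MFA not enforced for: ' + u.Username);
    pending.add(new PermissionSetAssignment(
        AssigneeId = u.Id, PermissionSetId = mfaPs.Id));
}

// Assign only when explicitly enabled; partial success is allowed so one
// failing user (for example, a license restriction) does not block the rest.
if (assign) {
    for (Database.SaveResult r : Database.insert(pending, false)) {
        if (!r.isSuccess()) {
            System.debug(LoggingLevel.WARN, r.getErrors()[0].getMessage());
        }
    }
}
```

Running it with `assign = false` first gives the list of uncovered users to review during the Get Ready phase before anything is changed.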

Verification Methods

There are three verification methods which are used by Salesforce for login:

  • Salesforce Authenticator: A free mobile app that provides a unique two-word phrase.
  • Third Party TOTP Authenticator apps: Applications that provide a unique verification code on mobile phones.
  • Security Keys: These are small physical tokens that look like a thumb drive.


Summary

MFA is the easiest and most effective way to protect Salesforce data from phishing, threats, outsider access, etc. From February 2022, Salesforce requires all users to enable MFA to log in to their org. This two-factor authentication requires two factors: one that the user knows and another that the user has.