Home > Blog > Salesforce > Activate Salesforce Multi-factor Authentication by 2022
Top pick Salesforce releases of 2020
Dynamic forms and Record-triggered Flows, our top pick Salesforce Releases of 2020
December 17, 2020
Enterprise case Soprema
The importance of partnering up with a local Salesforce implementation partner
February 23, 2021
Salesforce Multi-factor Authentication

Protecting your data and ensuring that all data remains confidential but available is hugely important, as a Salesforce implementation partner we know this better than anyone. That’s why we bring you up to date with the new authentication in Salesforce: multi-factor authentication or MFA for short. It’s a secure authentication method where your identity is proven based on 2 steps when you log in. One factor will be something you know: a password and username. The second factor will be a verification you own: a security key or authenticator app. In this way, phishing attacks or account takeovers make it harder to gain access to your Salesforce environment and thus your data.

MFA is one of the easiest ways to secure your logins and better protect your data. As a customer, you may receive a call from a Salesforce representative about this in the course of 2020.

Activeer MFA voor 2022

In fact, starting February 1 2022, Salesforce will require users to enable it to access their Salesforce environment. Don’t worry: MFA is free and easy to enable. If you want to know how, watch our short video so one of your admins can activate it. That way you’ll be in line with the new ‘policy’ well in advance.

Hoe activeer je MFA in jouw Salesforce

We’re happy to explain how to activate this MFA in your Salesforce environment:

In Setup, enter Profiles in the Quick find box and then select ‘Profiles’.

  1. Selecteer een profiel.
  2. Ga naar Session Settings en zoek de instelling ‘Session security level required at login’
  3. Klik ‘Edit’, en selecteer ‘High assurance’

mfa

4. Save

5. In Setup, voer je Session Settings in in de Quick find box en selecteer je Session Settings.

6. Controleer Session Security Levels als de MFA in de kolom High Assurance staat.

If the MFA is in the standard column, users receive an error message when they log in using a method that provides standard-level security.

mfa1

Note: Are you considering moving the activation to the ‘High Assurance’ column? With this setting, users who verify their identities at login are not asked to verify their identities again.

  1. Save

We’ll give an example. You have Facebook and LinkedIn configured as authentication providers on your site. Many members use social sign-on to log in using the username and password of their Facebook or LinkedIn account. If you want to increase security by requiring users to use MFA when they sign in to their Facebook account, and you want the users who sign in with their LinkedIn account to automatically gain High Assurance access and bypass the MFA.

Then go through the following steps:

  1. Stel in de ‘Customer Community User profile’ het login beveiligingsniveau in naar High Assurance
  2. Bewerk in jouw organisatie session settings de veiligheidsinstellingen van jouw organisatie.
    1. Gezien jij MFA verplicht maakt voor Facebook accounts, zorg dat Facebook in de ‘Standard’ kolom staat
    2. Voeg MFA toe aan de kolom High Assurance. Als gebruikers zich aanmelden met Facebook moeten ze naast hun gebruikersnaam en wachtwoord ook een verificatiecode doorgeven
    3. Voeg LinkedIn toe aan de High Assurance kolom. Als gebruikers zich aanmelden met hun LinkedIn account, krijgen zij toegang zonder dat zij een verficatiemethode moeten opgeven.

MFA2

We hope this will help you get started with this activation. If you still have questions, please do not hesitate to contact us. We’ll be happy to help you.