Salesforce voorjaarsversie 2023: Multi-Factor Authenticatie
This month, Spring Release '23 is being rolled out. One of the most important updates is the first step toward making MFA mandatory for all production environments. We highlight the pros and cons of all verification methods for you.
What is MFA?
The abbreviation MFA stands for Multi-Factor Authentication. This is a setting that requires users to provide additional proof to confirm their identity at login. MFA is necessary because the combination of just username and password provides insufficient protection. As the name implies, MFA uses multiple factors that require confirmation after entering your login information. For example, entering a code from the Salesforce Authenticator app.
What does this mean to you?
If you have not previously set up MFA for your organization, it will be automatically enabled by February 2023. This will require employees accessing Salesforce to always verify identity with an MFA authentication method. MFA is expected to become fully mandatory in September 2023. This means that from then on it will no longer be possible to disable MFA. The speed at which MFA will become mandatory highlights the urgency for having the right settings in place.
The verification methods
Salesforce only allows the use of strong authentication methods. However, the methods do differ in ease of use. Therefore, choosing an authentication method depends entirely on your organization's capabilities and needs.
1. Salesforce Authenticator app
The most common method is the Salesforce Authenticator App. Because it is provided by Salesforce, the app syncs excellently with the Salesforce environment. All you need for this is a mobile device.
2. A third-party authenticator app such as Google or Microsoft
Another option is a third-party authenticator app, such as Google and Microsoft. The advantage of this authentication method is that you can choose from a large selection. The disadvantage is that these apps are not part of Salesforce and thus can cause faster synchronization problems.
3. Security key
If one prefers not to use an application, there is the option of using a security key. This is a physical token that resembles a USB and can be connected to a computer. A security key is easy and quick to use, requires no batteries and can recognize and reject fraudulent requests. The downside is that it comes at a cost and is easy to lose.
4. Built-in authenticators such as Touch ID and Face ID
The last option supported by Salesforce is the use of a built-in authenticator, such as Face ID and Touch ID. The advantage of this method is that it does not require applications and uses biometric personal data. This does require that the device being used must support Web Authentication. In addition, it can only be associated with one device.
Ready for the Salesforce Spring Release '23?
Automatically enabling MFA for organizations is just one of the new updates within the Salesforce Spring Release '23. Other updates may also be of interest to your organization. Want to learn more about specific features that can improve your business processes? Send a message and get in touch with one of our Salesforce Consultants.