Salesforce Recommends Duo to Meet New MFA Requirement

This article has been indexed from

The Duo Blog

Salesforce is putting new policies in place next month to better protect their customers and keep their data secure. Starting February 1, the leading customer relationship management company will require all customers to use multi-factor authentication (MFA) — and Duo is among the top solutions they recommend.

“On their own, usernames and passwords no longer provide sufficient protection against cyberattacks. … With threats like phishing attacks, credential stuffing, and account takeovers on the rise, MFA is one of the most effective ways to prevent unauthorized account access.” —Salesforce Multi-Factor Authentication FAQ

So what exactly counts as MFA? While some companies use SMS or email to share a one-time passcode to log in, this simple two-factor authentication (2FA) method will not satisfy the new requirements. VPNs, password managers and trusted devices, (all great security measures) will not count towards compliance either. Salesforce is very explicit about what is and is not MFA and has provided an MFA Requirement Checker to ensure your company has satisfied the requirement.

For companies that do not comply, there are significant consequences, including legal liability for cyberattacks and potentially blocking access to Salesforce in the future. However, Salesforce is providing multiple options to make sure all organizations have the support and resources they need to take action. 

One potential solution is the Salesforce Authenticator app. This free app works on all Salesforce products and is an option to ensure all organizations have access to MFA. While the Authenticator app is a good backup, Salesforce recommends using MFA delivered via third-party single sign-on (SSO). Fortunately, Duo’s SSO and Duo’s MFA solutions can easily address these concerns.