Did you know that Salesforce will be automatically enabling and enforcing Multi-Factor Authentication (MFA) for all direct logins to Salesforce products in 2023? With this change, users must provide an MFA verification method in addition to their username and password when they log in to your org’s UI. Salesforce users were made aware of this update in February 2022, but could opt out of the change at the time. MFA will now be compulsory for all direct logins to Salesforce orgs.
Who is affected: Users logging in directly to your org’s UI with a username and password.
- Users accessing your Salesforce org via single sign-on (SSO) are not affected.
- Some user types are exempt from needing to use MFA and most of these cases are automatically excluded when this change goes into effect. See the Salesforce MFA FAQ for details.
- Several exempt user types must be manually excluded by a Salesforce admin prior to this change to prevent MFA being assigned to them. See Exclude Exempt Users from MFA for details.
What is the impact?
When MFA is turned on for your org, the process for logging in to the UI changes. After a user enters their username and password, they must verify their identity with an MFA verification method, such as an authenticator app, security key, or built-in authenticator. If users haven’t done so already, they’re prompted to register a verification method the next time they log in.
To understand when your Salesforce products will be affected by the change, take a look at the MFA Enforcement Roadmap.
For advice and assistance in implementing MFA, email firstname.lastname@example.org or give us a call on 0117 230 2390.