Everything Admins Need to Know About the MFA Requirement

What is Multi-Factor Authentication?

As cyberattacks grow more common, passwords no longer provide sufficient protection against unauthorized account access. That is why Salesforce is making Multi-Factor Authentication (MFA) mandatory. MFA adds an extra layer of protection by requiring not only something you know to log in (your password) but also something you have (a device, for instance your phone) that provides you with a prompt or code.

What Types of Verification Methods Do Salesforce Products Support for MFA?

Salesforce has proposed three methods for implementing Multi-Factor Authentication.

– Salesforce Authenticator Mobile App: If you use the Salesforce Authenticator mobile app for MFA, it notifies you whenever someone attempts to log in to your account and shows the location of the attempt. With a single tap, you can then allow or refuse the login attempt. Users of iOS and Android can download the Salesforce Authenticator app for free.

– Third-Party Authenticator Apps: This MFA approach lets you validate your identity using one-of-a-kind temporary codes known as Time-Based One-Time Passwords. You have various options if you wish to use this method for MFA, including Google Authenticator, Microsoft Authenticator, and Authy.

– Security Keys: A security key is a compact, easy-to-use physical gadget. If you don’t have a mobile device or aren’t allowed to bring one to work, this is the best method of authentication. It does not require any installation or entry of codes.

Enabling MFA is Super Easy

Enabling MFA using the Salesforce-provided authenticator app is super easy. Check out the steps here. If you want to test your MFA setup, I would advise enabling it for a profile in a sandbox first and trying it out with a test user. Also check out the Multi-Factor Authentication Assistant in Salesforce Setup.

IMPORTANT: Make sure there is at least one user (most likely the admin) who can log in to Salesforce without MFA. If for some reason the MFA setup fails, that person will at least be able to log in and modify the MFA settings. Also think about integration users and other use cases that cannot adhere to the MFA requirement.
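For the third-party authenticator app method described above, the following added example (not Salesforce's code and not from the original post) shows how a Time-Based One-Time Password is derived per RFC 6238 and how a verifier can tolerate clock drift while refusing a replayed code. The secret, the 30-second step, and the `totp` and `verify` helper names are assumptions made for illustration.

```python
import base64
import hashlib
import hmac
import struct

# Constructed demo secret (the RFC 6238 test key), Base32-encoded the way
# authenticator apps receive it at enrollment. Not a real credential.
DEMO_SECRET = base64.b32encode(b"12345678901234567890").decode()
STEP = 30  # seconds per code; the common default, assumed here


def totp(secret_b32, at, digits=6):
    """Derive the code for Unix time `at` (RFC 6238, HMAC-SHA1)."""
    key = base64.b32decode(secret_b32.upper())
    counter = struct.pack(">Q", at // STEP)
    mac = hmac.new(key, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def verify(secret_b32, submitted, at, window=1, last_used_step=None):
    """Return the matching time step, or None.

    Accepts +/- `window` steps of clock drift and refuses any step at or
    before `last_used_step`, so a captured code cannot be replayed.
    """
    current = at // STEP
    for step_no in range(max(0, current - window), current + window + 1):
        if last_used_step is not None and step_no <= last_used_step:
            continue
        if hmac.compare_digest(totp(secret_b32, step_no * STEP), submitted):
            return step_no
    return None


if __name__ == "__main__":
    now = 59  # constructed timestamp from the RFC 6238 test vectors
    code = totp(DEMO_SECRET, now)
    print("code:", code)
    print("accepted at step:", verify(DEMO_SECRET, code, now))
    print("replayed:", verify(DEMO_SECRET, code, now, last_used_step=1))
```

Because the code depends only on the shared secret and the clock, it stays valid for the whole drift window, which is why the verifier records the last accepted step.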


Now that businesses are returning to offices and workplaces, it is critical to ensure that people and data are protected. If you have any questions, please reach out to Digiphi using the contact form on our website. We would love to help you out!