New year, new resolutions. What a great time to address some of those security concerns for the upcoming year!
With that in mind, we’re introducing updates in the Spring ‘17 release like enhanced two-factor authentication (2FA) verification and faster Lightning Login to make hitting those 2017 #securitygoals a little bit easier. These are important improvements that could really make a difference in your organization’s data security, so trust us on this: you’ll want to keep reading.
When your users go to log in to Salesforce, they first encounter a login screen. The login process provides us with an opportunity to authenticate the user (making sure the credentials entered are really being used by the intended person). Because this is such a crucial step in the overall protection of your data, we thought this was a great place to focus our efforts. Starting in Spring ‘17, users will be required to verify their identity when attempting to add two-factor authentication (2FA) methods.
To further protect your organization’s account credentials, anyone who chooses to add a 2FA method will be prompted for identity verification instead of logging in with their username and password. Users can verify their identity using any method that they have access to, including Salesforce Authenticator, verification codes from an authenticator app, U2F security keys and temp codes/one-time passwords.
You may remember Lightning Login from Winter ‘17. If you haven’t upgraded to it already, you should.
Why? On top of the convenience of password-free logins, we’ve refined the authentication process to make Lightning Logins faster by allowing users to tap Approve in Salesforce Authenticator on mobile devices that are already unlocked with a fingerprint or PIN. A fingerprint or PIN is no longer required if the device is unlocked or the user has the “Two-Factor Authentication for User Interface Logins” permission enabled. On locked devices, users will still be required to use a fingerprint or PIN to login to the device itself, but will no longer need to provide additional credentials to gain access to the app.
Be sure to encourage all your Lightning Login users to upgrade now to the latest version of Salesforce Authenticator so they can continue logging in password-free! 2FA is built into Lightning Login, saving you the work of managing a separate, redundant 2FA requirement for Lightning Login users. Users can check their current version in the app store on their mobile device.
If you’re eager to up your security game, check out this webinar on How to Become a Security-Minded Admin.
For more information on things you can do to become a Salesforce security expert, check out these awesome resources:
In today’s digital landscape, ensuring the security of customer data is one of the top priorities for Salesforce Admins. With the increasing frequency of security breaches, the need for robust protection of sensitive information is more critical than ever. Exposing services to the public internet inherently opens up vulnerabilities that can lead to unauthorized access, […]
As a Salesforce Admin, you play a crucial role in maintaining the security of your company’s valuable data. In fact, security is one of the five admin core responsibilities. New technologies like GenAI and Salesforce’s Agentforce bring increased value to admins, but also new security challenges. Following security best practices is more important than ever […]
As admins, you hold the keys to success for your users and companies to get the most out of Salesforce. You have the unique opportunity to build and manage trusted solutions that drive productivity and innovation through five core admin responsibilities: security, user management, data management, analytics, and a new core responsibility: product management. The […]
