Security Updates in the Spring ‘17 Release

By

New year, new resolutions. What a great time to address some of those security concerns for the upcoming year!

With that in mind, we’re introducing updates in the Spring ‘17 release like enhanced two-factor authentication (2FA) verification and faster Lightning Login to make hitting those 2017 #securitygoals a little bit easier. These are important improvements that could really make a difference in your organization’s data security, so trust us on this: you’ll want to keep reading.

Easier, Better Authentication

When your users go to log in to Salesforce, they first encounter a login screen. The login process provides us with an opportunity to authenticate the user (making sure the credentials entered are really being used by the intended person). Because this is such a crucial step in the overall protection of your data, we thought this was a great place to focus our efforts. Starting in Spring ‘17, users will be required to verify their identity when attempting to add two-factor authentication (2FA) methods.

To further protect your organization’s account credentials, anyone who chooses to add a 2FA method will be prompted for identity verification instead of logging in with their username and password. Users can verify their identity using any method that they have access to, including Salesforce Authenticator, verification codes from an authenticator app, U2F security keys and temp codes/one-time passwords.

Simplified Lightning Login

You may remember Lightning Login from Winter ‘17. If you haven’t upgraded to it already, you should.

Why? On top of the convenience of password-free logins, we’ve refined the authentication process to make Lightning Logins faster by allowing users to tap Approve in Salesforce Authenticator on mobile devices that are already unlocked with a fingerprint or PIN. A fingerprint or PIN is no longer required if the device is unlocked or the user has the “Two-Factor Authentication for User Interface Logins” permission enabled. On locked devices, users will still be required to use a fingerprint or PIN to login to the device itself, but will no longer need to provide additional credentials to gain access to the app.

Be sure to encourage all your Lightning Login users to upgrade now to the latest version of Salesforce Authenticator so they can continue logging in password-free! 2FA is built into Lightning Login, saving you the work of managing a separate, redundant 2FA requirement for Lightning Login users. Users can check their current version in the app store on their mobile device.

If you’re eager to up your security game, check out this webinar on How to Become a Security-Minded Admin.

For more information on things you can do to become a Salesforce security expert, check out these awesome resources:

Image of Mia Pacey next to text that says "Skills for Success: Security Management."

Hone Your Security Management Skills as a Salesforce Admin

As Salesforce Admins, we work with important data and have a powerful platform at our fingertips. But as the saying goes, with great power comes great responsibility. You, as an admin, must promote a culture of positive security controls, protect your organization’s data from unauthorized access, and be security responsible. You play a crucial role […]

READ MORE
Green meadow and text that says "Admin Configuration Kit: Security & Visibility."

Design User Security and Visibility with This Admin Configuration Kit

What’s an Admin Configuration Kit? Let’s set the scene. You’re an admin. You’ve talked to your users. You know what they want, functionally, but you don’t know how to configure it. You don’t even know what you’re supposed to configure! Normally at this point, you’d start searching Google, Help & Training, Trailhead, the Trailblazer Community, […]

READ MORE
Ruth and Cloudy having a picnic next to text that says "Learn MOAR: #5 Event Monitoring."

Learn MOAR in Spring ’22 with Event Monitoring 💻

Follow and complete a Learn MOAR Spring ’22 trailmix for admins or developers by March 31, 2022, 11:59 p.m. PT, to earn a special community badge and enter for a chance to win one of five $200 USD Salesforce Certification vouchers. Learn how to participate and review the Official Rules by visiting the Trailhead Quests […]

READ MORE

Have an Idea for a Story?

We are all about the community and sharing ideas.
Do you have an interesting idea or useful tip that you want to share?

SHARE YOUR IDEA