Multi-Factor Authentication: As Easy as Washing Your Hands!

By

How many times a day do you wash your hands? If you think this seems like an absurd question, and totally unrelated to security, you’re wrong… kind of. How are security and health connected? Both require good personal hygiene, a concept as familiar as washing your hands or (you guessed it!) brushing your teeth.

So, what is cyber hygiene, and how can you get better at it? Cyber hygiene can be thought of as best practices, often simple in nature, that keep your systems healthy and your data secure. These best practices are part of a defense in depth strategy — a strategy that ensures there are multiple layers of security so that if one layer fails, another will be there to protect everything. One of the most important, and simplest, cybersecurity best practices is using multi-factor authentication (or MFA, also referred to as two-factor authentication) to secure access to user accounts. MFA asks the user to take an extra step in the login process every time they log in (the hygiene part), but provides an extra layer of protection from intruders that is very difficult to get around.

MFA delivers this extra layer of protection against common security threats by requiring users to verify their identity with two or more pieces of evidence (or factors). These factors are typically something the user knows, such as a username/password combination, plus something they have in their possession, like the code from an authentication app on a mobile device.

You probably use MFA all the time without realizing it. A familiar example of MFA is the process of withdrawing money from an ATM. Your ATM card is something you have, and your PIN is something you know. See, you’re an MFA expert already!

While MFA has become the standard for securing user access in more technical circles, it’s still not widely adopted by the rest of us. Which is a shame, because MFA also protects users from some of the most common cyberattacks, such as phishing and credential stuffing. Just because you’re working from home doesn’t mean hackers are taking a break from their jobs. In fact, there has been a notable uptick in cyber attacks since the beginning of the COVID-19 pandemic.

Many phishing campaigns unfortunately target users with hooks that play on vulnerable situations, like the pandemic or challenges related to working remotely. Researchers at Google estimated that phishing websites increased by 350% between January and March 2020, and mobile phishing attacks went up by 37% this spring, according to a June 2020 report.

What’s clear is that your data is still just as valuable to hackers, even though you’re working from home. Luckily, a great way to combat common cyberattacks like phishing is by setting up MFA!

We’ll go into how to begin rolling out MFA to your users in part two of this series, but if you’re interested in learning how to set up MFA for yourself today, check out our new MFA for Admins Quick Guide.

Remove Security Risks From Your Org With a User Audit

The right level of user access is critical to security, and as an #AwesomeAdmin, you play a key role in strengthening the security of your org. With many of us working from home these days, hackers are increasing their efforts with phishing attacks targeting user credentials. The cybersecurity threat landscape is always evolving to include […]

READ MORE

Metrics and Insights to Help You Boost Login Security

As you’ve probably heard, Trust is our #1 value here at Salesforce. We take your data security seriously. That’s why we encourage admins to implement multi-factor authentication (MFA) for your org logins. Multi-factor authentication (MFA) is an effective way to increase protection for user accounts against common threats like phishing attacks, credential stuffing, and account […]

READ MORE

Everything Admins Need to Know About the MFA Requirement

It feels like we’ve talked about security a lot in the past year, doesn’t it? Whether you tuned into #LowCodeLove on Trailhead Live, read about washing your hands, or listened to one of our favorite Salesforce MVPs talk about her experience rolling out MFA, it’s been top of mind. At Salesforce, we’re always thinking of […]

READ MORE

Have an Idea for a Story?

We are all about the community and sharing ideas.
Do you have an interesting idea or useful tip that you want to share?

SHARE YOUR IDEA