Multi-Factor Authentication: As Easy as Washing Your Hands!


How many times a day do you wash your hands? If you think this seems like an absurd question, and totally unrelated to security, you’re wrong… kind of. How are security and health connected? Both require good personal hygiene, a concept as familiar as washing your hands or (you guessed it!) brushing your teeth.

So, what is cyber hygiene, and how can you get better at it? Cyber hygiene can be thought of as best practices, often simple in nature, that keep your systems healthy and your data secure. These best practices are part of a defense in depth strategy — a strategy that ensures there are multiple layers of security so that if one layer fails, another will be there to protect everything. One of the most important, and simplest, cybersecurity best practices is using multi-factor authentication (or MFA, also referred to as two-factor authentication) to secure access to user accounts. MFA asks the user to take an extra step in the login process every time they log in (the hygiene part), but provides an extra layer of protection from intruders that is very difficult to get around.

MFA delivers this extra layer of protection against common security threats by requiring users to verify their identity with two or more pieces of evidence (or factors). These factors are typically something the user knows, such as a username/password combination, plus something they have in their possession, like the code from an authentication app on a mobile device.

You probably use MFA all the time without realizing it. A familiar example of MFA is the process of withdrawing money from an ATM. Your ATM card is something you have, and your PIN is something you know. See, you’re an MFA expert already!

While MFA has become the standard for securing user access in more technical circles, it’s still not widely adopted by the rest of us. Which is a shame, because MFA also protects users from some of the most common cyberattacks, such as phishing and credential stuffing. Just because you’re working from home doesn’t mean hackers are taking a break from their jobs. In fact, there has been a notable uptick in cyber attacks since the beginning of the COVID-19 pandemic.

Many phishing campaigns unfortunately target users with hooks that play on vulnerable situations, like the pandemic or challenges related to working remotely. Researchers at Google estimated that phishing websites increased by 350% between January and March 2020, and mobile phishing attacks went up by 37% this spring, according to a June 2020 report.

What’s clear is that your data is still just as valuable to hackers, even though you’re working from home. Luckily, a great way to combat common cyberattacks like phishing is by setting up MFA!

We’ll go into how to begin rolling out MFA to your users in part two of this series, but if you’re interested in learning how to set up MFA for yourself today, check out our new MFA for Admins Quick Guide.

Introducing Files and Attachments Backup in Salesforce Backup.

Introducing Files and Attachments Backup in Salesforce Backup | Spring ’24

What is Salesforce Backup? Salesforce Backup is our native backup and restore solution designed to safeguard customers’ valuable data. Geared for user-friendly operation, Salesforce Backup automatically creates backup copies of business data, empowering organizations to effortlessly restore data and recover from even the most challenging scenarios. With the Spring ’24 Release, we’re thrilled to announce […]

Introducing Salesforce Backup.

Introducing Salesforce Backup: Your Data’s Safety Net

What is Salesforce Backup? On August 15, Salesforce announced the general availability of Salesforce Backup, a native backup and restore solution designed to safeguard customers’ valuable data. Built with ease of use in mind, Salesforce Backup automatically creates backup copies of business data, empowering any organization to restore data and recover from even the worst-case […]

Cloudy with a laptop standing next to text that says, "Security + AI Basics for Salesforce Admins."

Security + AI Basics for Salesforce Admins

Artificial intelligence (AI) is everywhere right now and everyone is talking about it. From having fun with generative imaging to staring in wonder at driverless cars, it seems that AI is popping up all over the place. Salesforce has made a ton of AI announcements with Sales GPT, Service GPT, Slack GPT, and beyond. As […]