Submission + - Salesforce to require MFA for all users starting next month (therecord.media)
An anonymous reader writes: Salesforce, the world’s largest customer relationship management (CRM) platform, said that customers must have a form of multi-factor authentication (MFA) turned on starting next month, or they won’t be able to access their accounts. “Beginning February 1, 2022, Salesforce will require customers to use MFA in order to access Salesforce products,” the company said last year.
Salesforce said that users will be able to choose from using security keys, an authenticator app, or an OS biometrics systems to secure accounts. MFA solutions that rely on sending one-time passcodes via email, phone, or SMS messages won’t be allowed “because these methods are inherently vulnerable to interception, spoofing, and other attacks,” Salesforce explained.
Salesforce said that users will be able to choose from using security keys, an authenticator app, or an OS biometrics systems to secure accounts. MFA solutions that rely on sending one-time passcodes via email, phone, or SMS messages won’t be allowed “because these methods are inherently vulnerable to interception, spoofing, and other attacks,” Salesforce explained.
