With that in mind, we’re introducing updates in the Spring ‘17 release like enhanced two-factor authentication (2FA) verification and faster Lightning Login to make hitting those 2017 #securitygoals a little bit easier. These are important improvements that could really make a difference in your organization’s data security, so trust us on this: you’ll want to keep reading.
Easier, Better Authentication
When your users go to log in to Salesforce, they first encounter a login screen. The login process provides us with an opportunity to authenticate the user (making sure the credentials entered are really being used by the intended person). Because this is such a crucial step in the overall protection of your data, we thought this was a great place to focus our efforts. Starting in Spring ‘17, users will be required to verify their identity when attempting to add two-factor authentication (2FA) methods.
To further protect your organization’s account credentials, anyone who chooses to add a 2FA method will be prompted for identity verification instead of logging in with their username and password. Users can verify their identity using any method that they have access to, including Salesforce Authenticator, verification codes from an authenticator app, U2F security keys and temp codes/one-time passwords.
Simplified Lightning Login
You may remember Lightning Login from Winter ‘17. If you haven’t upgraded to it already, you should.
Why? On top of the convenience of password-free logins, we’ve refined the authentication process to make Lightning Logins faster by allowing users to tap Approve in Salesforce Authenticator on mobile devices that are already unlocked with a fingerprint or PIN. A fingerprint or PIN is no longer required if the device is unlocked or the user has the “Two-Factor Authentication for User Interface Logins” permission enabled. On locked devices, users will still be required to use a fingerprint or PIN to login to the device itself, but will no longer need to provide additional credentials to gain access to the app.
Be sure to encourage all your Lightning Login users to upgrade now to the latest version of Salesforce Authenticator so they can continue logging in password-free! 2FA is built into Lightning Login, saving you the work of managing a separate, redundant 2FA requirement for Lightning Login users. Users can check their current version in the app store on their mobile device.
If you’re eager to up your security game, check out this webinar on How to Become a Security-Minded Admin.
For more information on things you can do to become a Salesforce security expert, check out these awesome resources:
- See why Two-Factor Authentication is the #1 way to protect user accounts
- Learn how to educate your users about security with our Security Basics badge
- Get familiar with all security updates in the Spring ‘17 Release Notes