MFA Requirement Is in Effect and Enforcement Is Coming. The requirement to use multi-factor authentication (MFA) when accessing Salesforce products went into effect on February 1, 2022. All users are now required to use MFA when they log in to your Salesforce org, whether they’re logging in directly with a username and password or using SSO. If you haven’t finished rolling out MFA, your users can continue logging in as they do today. But keep in mind that Salesforce is automatically enabling and enforcing MFA in the future. To avoid disruptions to your business when these milestones go into effect, and to protect your valuable data, we strongly recommend enabling MFA yourself as soon as possible
Where: This change applies to Lightning Experience, Salesforce Classic, and all Salesforce mobile apps in all editions.
When: As of February 1, 2022, Salesforce customers are contractually required to use MFA when accessing Salesforce products, per the Salesforce Trust and Compliance Documentation. In the future, Salesforce is automatically enabling and enforcing MFA for all orgs. To monitor the projected dates for the auto-enablement and enforcement milestones, see the MFA Enforcement Roadmap.
How: To implement and roll out MFA on your own:
- Check out the Multi-Factor Authentication Assistant. In Lightning Experience, from Setup, in the Quick Find box, enter MFA, and then select Multi-Factor Authentication Assistant.
- Get customizable templates for rollout planning and change management by downloading the MFA Rollout Pack.
- Make sure that your implementation satisfies the terms of the MFA requirement with the MFA Requirement Checker.