{"id":44705,"date":"2022-01-07T07:30:13","date_gmt":"2022-01-07T07:30:13","guid":{"rendered":"https:\/\/www.threatshub.org\/blog\/salesforce-mandates-mfa-by-default\/"},"modified":"2022-01-07T07:30:13","modified_gmt":"2022-01-07T07:30:13","slug":"salesforce-mandates-mfa-by-default","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/salesforce-mandates-mfa-by-default\/","title":{"rendered":"Salesforce mandates MFA by default"},"content":{"rendered":"<p><span data-label=\"promo\">Paid Feature<\/span> Of all the cybersecurity developments in 2021, a relatively low-key announcement made by software company Salesforce.com (SFDC) in March might eventually turn out to be one of the most significant.<\/p>\n<p>From February 1, 2022 \u201cSalesforce will begin requiring customers to enable multi factor authentication (MFA) in order to access Salesforce products,\u201d read the announcement. From that point onwards, \u201call internal users who log in to Salesforce products (including partner solutions) through the user interface must use MFA for every login.\u201d<\/p>\n<p>Multifactor authentication has been a recommended setting for most business access for years but never has a major service provider insisted customers use it as a precondition of service. Even Google and Microsoft, both big advocates for MFA, do not implement it by default to access their services.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"condor\" data-xsm=\",fluid,mpu,\" data-sm=\",fluid,mpu,\" data-md=\",fluid,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YdiCcT0-HMgjqBqm4TWfvgAAAMc&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YdiCcT0-HMgjqBqm4TWfvgAAAMc&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>This change has profound implications: customers unable to implement MFA across their access by the set date can continue to use Salesforce without MFA at their own risk. Salesforce isn\u2019t simply mandating MFA but making the decision not to use it is the customer\u2019s responsibility as part of its terms and conditions.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xmd=\",fluid,mpu,leaderboard,\" data-lg=\",fluid,mpu,leaderboard,\" data-xlg=\",fluid,billboard,superleaderboard,mpu,leaderboard,\" data-xxlg=\",fluid,billboard,superleaderboard,brandwidth,brandimpact,leaderboard,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44YdiCcT0-HMgjqBqm4TWfvgAAAMc&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44YdiCcT0-HMgjqBqm4TWfvgAAAMc&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<div class=\"adun_eagle_desktop_story_wrapper\">\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"mid\" data-raptor=\"eagle\" data-xxlg=\",mpu,dmpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33YdiCcT0-HMgjqBqm4TWfvgAAAMc&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33YdiCcT0-HMgjqBqm4TWfvgAAAMc&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<\/p><\/div>\n<p>\u201cWhat they are doing is delegating this aspect of access security to their customers and saying that they don\u2019t want to be responsible for it,\u201d comments Thales director of product marketing for identity and access management, Danna Bethlehem.<\/p>\n<p>In effect, Salesforce is reformulating the shared responsibility model that normally governs cloud services. This says that the customer has certain responsibilities, while the service provider has others. Changing that for MFA is more than a tweak. Thales statistics suggest that 90 per cent of cyberattacks utilise compromised credentials in some way, which if correct implies that failing to implement MFA on Salesforce is potentially shifting responsibility for almost all cyberattacks involving the service.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xsm=\",fluid,mpu,\" data-sm=\",fluid,mpu,\" data-md=\",fluid,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44YdiCcT0-HMgjqBqm4TWfvgAAAMc&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44YdiCcT0-HMgjqBqm4TWfvgAAAMc&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>\u201cThe customers that are out of compliance could be held liable for any breaches that occur. This could be a harbinger of things to come,\u201d says Bethlehem.<\/p>\n<p>It\u2019s tempting to be cynical about this shift but it\u2019s worth looking at the issue from Salesforce\u2019s perspective. The targeting of credentials has increased dramatically in a handful of years and Salesforce is among the top list of targets. And yet the technology to defend accounts has been available for years in the form of MFA authentication apps, hardware tokens, and password-free options, all of which are supported by Salesforce.<\/p>\n<p>The uncomfortable fact is that despite the rising number of account compromises, not enough customers have turned it on across the board. From now on, that policy will be their problem, not Salesforce\u2019s. Undoubtedly, Bethlehem\u2019s belief that others will follow Salesforce\u2019s lead is correct. Within a year or two, mandated MFA could quickly become the norm across many cloud services.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" id=\"story_eagle_xsm_sm_md_xmd_lg_xlg\" data-pos=\"mid\" data-raptor=\"eagle\" data-xsm=\",mpu,dmpu,\" data-sm=\",mpu,dmpu,\" data-md=\",mpu,dmpu,\" data-xmd=\",mpu,dmpu,\" data-lg=\",mpu,dmpu,\" data-xlg=\",mpu,dmpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33YdiCcT0-HMgjqBqm4TWfvgAAAMc&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33YdiCcT0-HMgjqBqm4TWfvgAAAMc&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>The interesting question is perhaps not how many customers will comply but why more of them haven\u2019t done so already in the face of evidence that MFA works well. Bluntly, why is it necessary to mandate a good idea?<\/p>\n<h3 class=\"crosshead\"> <span>Every user is a target<\/span><br \/>\n<\/h3>\n<p>The <a target=\"_blank\" href=\"https:\/\/cpl.thalesgroup.com\/en-gb\/access-management-index%202021\" rel=\"noopener\">Thales Access Management Index<\/a> found that only around 55 per cent of European IT professionals reported that their organisations had adopted MFA, in line with the global average, with the figure for the UK slightly higher at 64 per cent.<\/p>\n<p>These figures sound moderately encouraging until you read that a lot of this MFA usage relates to traditional remote access\/VPN applications and privileged users. For cloud access, only 15 per cent of organisations protected more than 50 per cent of their users.<\/p>\n<p>\u201cIn today\u2019s threat environment, every user is a target. Just having an arbitrary authentication footprint in an organisation is going to leave big gaps,\u201d observes Bethlehem. This approach became obsolete years ago even if it has taken Salesforce\u2019s mandate to ram that point home. \u201cWhen organisations implement MFA for Salesforce they should already have been doing this for all users because all users are targets.\u201d<\/p>\n<p>Of course, telling organisations to implement MFA and that happening are not the same thing which is presumably why Salesforce gave customers 11 months\u2019 notice of the need to comply. Arguably, this isn\u2019t long enough.<\/p>\n<p>Authentication remains complex, starting with the confusing array of options for different use cases. According to Bethlehem, what matters is to stop seeing authentication as something for special occasions and to approach the technology in a more strategic way.<\/p>\n<p>Usually, the issue of implementing MFA strategically is approached either as a technology problem or as a use case problem. The advantage of the first approach is that it is a relatively quick way to get up and running if you\u2019re already invested in MFA and the use cases aren\u2019t complex. For these customers, rolling out Salesforce MFA could be a matter of expanding what they\u2019re already doing.<\/p>\n<p>The second approach is to carry out an audit of the possible use cases, using different methods depending on the user context. This suits organisations that are either not already using MFA widely or have specific requirements, for example the medical or manufacturing sectors where some technologies might be more convenient or compliant than others.<\/p>\n<p>\u201cThe main priority for Salesforce customers will be to implement MFA for Salesforce. But they shouldn\u2019t stop there and should ideally do an assessment of which other applications and users they might need to protect this way,\u201d recommends Bethlehem. \u201cWe help our customers on this discovery process and will do an assessment of their entire environment.\u201d<\/p>\n<h3 class=\"crosshead\"> <span>Technology choices<\/span><br \/>\n<\/h3>\n<p>The clear message from <a target=\"_blank\" href=\"https:\/\/go.theregister.com\/k\/Salesforce_MFA_FAQ\" rel=\"noopener\">Salesforce\u2019s MFA FAQ<\/a> is that some established methods such as SMS texts, phone calls and emails will no longer be good enough to authenticate to their platform, nor will VPN access override this requirement. Technologies such as SMS haven\u2019t been considered secure for several years and emails were never so even though some adopted them as a cheap way to implement the second factor.<\/p>\n<p>That leaves two paths \u2013 the basic MFA offered by Salesforce or using a third party provider. This could include a FIDO token supporting WebAuthn and U2F (for example offered by Thales, Google\u2019s Titan or the YubiKey), or proprietary authentication systems such as Apple\u2019s Touch ID\/Face ID, or Windows Hello.<\/p>\n<p>This is the good news about today\u2019s MFA environment \u2013 there is no shortage of options to choose from. For most organisations, this will mean using the smartphone as the core authenticator, either running an app or using some form of biometrics or FIDO2 WebAuthn. For privileged users, this might be backed up with the gold standard of a FIDO U2F hardware token.<\/p>\n<p>Look a little closer, however, and some caveats appear for the latter option when accessing Salesforce, mainly around browsers. For example, WebAuthn keys aren\u2019t supported in the pre-Chromium versions of Microsoft Edge while U2F is supported only in Google\u2019s Chrome. Similarly, not all U2F tokens support smartphone access seamlessly, or at all.<\/p>\n<h3 class=\"crosshead\"> <span>Authentication everywhere<\/span><br \/>\n<\/h3>\n<p>In Bethlehem\u2019s view, evolving user and security needs will in many cases mean that a bespoke approach is the only option. The USP of an identity and access management specialist such as Thales is that it can integrate any possible combination of hardware and software, including supporting the technologies an organisation has already invested in.<\/p>\n<p>\u201cYou have to take into account how to manage everything, especially if you\u2019re mixing hardware with software. You need a good management backend otherwise the management becomes intense,\u201d observes Bethlehem.<\/p>\n<p>In most cases this will mean a mix of hardware and software MFA for different types of user, often where the problems start. \u201cMany vendors don\u2019t offer integrated hardware and merely support it. If a company wants to add additional types of hardware, they will always have to go to another vendor to do that. But in many cases they don\u2019t offer good management support for these technologies.\u201d<\/p>\n<p>A popular solution for cloud applications such as Salesforce is SSO, which puts multiple services behind the front door of a single authentication interface, for example Thales\u2019s own <a target=\"_blank\" href=\"https:\/\/go.theregister.com\/k\/Safenet\" rel=\"noopener\">SafeNet Trusted Access.<\/a> The disadvantage of SSO is that it relies on a single credential, hence the need to use it with MFA, and often assumes that every user can be governed by a single IAM policy. But the minute an organisation must support a lot of different use cases, that requires a more sophisticated approach to policy configuration. Not all SSO services offer this.<\/p>\n<p>\u201cYou need a policy engine that will enforce the appropriate level of authentication depending on the context of the user, for example accessing a sensitive application governed by regulation. Our policy engine makes sure that the correct authentication is always applied for that user and application,\u201d says Bethlehem.<\/p>\n<p>\u201cThales is the only vendor that sells every option in an integrated way, including adaptive authentication, FIDO tokens, OTP tokens, pattern-based authentication, authentication apps, push authentication, all integrated with an access management system.\u201d<\/p>\n<p>Does the Salesforce policy change have wider implications? In Bethlehem\u2019s view, it\u2019s a signal of the need to adopt authentication because it\u2019s the best way to secure their users, not because they are being told to do it. This will bring with it a significant change in security culture. Until now, only remote workers or privileged users were protected with MFA while everyone else made do with passwords or simple but sub-standard options such as SMS. Now there is a case for onboarding everyone.<\/p>\n<p>\u201cOrganisations are now embracing remote working for all users as an everyday part of their business operation. Salesforce has reminded them that securing this requires that authentication is no longer a luxury and should be used everywhere.\u201d<\/p>\n<p> <i>Sponsored by Thales.<\/i>\n<\/p>\n<p> READ MORE <a href=\"https:\/\/go.theregister.com\/feed\/www.theregister.com\/2022\/01\/07\/salesforce_mandates_mfa_by_default\/\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Thales: \u2018Significant change in security culture&#8217; Paid Feature\u00a0 Of all the cybersecurity developments in 2021, a relatively low-key announcement made by software company Salesforce.com (SFDC) in March might eventually turn out to be one of the most significant.\u2026 READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[63],"tags":[],"class_list":["post-44705","post","type-post","status-publish","format-standard","hentry","category-the-register"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Salesforce mandates MFA by default 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/salesforce-mandates-mfa-by-default\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Salesforce mandates MFA by default 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/salesforce-mandates-mfa-by-default\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2022-01-07T07:30:13+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YdiCcT0-HMgjqBqm4TWfvgAAAMc&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"8 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/salesforce-mandates-mfa-by-default\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/salesforce-mandates-mfa-by-default\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Salesforce mandates MFA by default\",\"datePublished\":\"2022-01-07T07:30:13+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/salesforce-mandates-mfa-by-default\\\/\"},\"wordCount\":1620,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/salesforce-mandates-mfa-by-default\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YdiCcT0-HMgjqBqm4TWfvgAAAMc&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"articleSection\":[\"The Register\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/salesforce-mandates-mfa-by-default\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/salesforce-mandates-mfa-by-default\\\/\",\"name\":\"Salesforce mandates MFA by default 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/salesforce-mandates-mfa-by-default\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/salesforce-mandates-mfa-by-default\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YdiCcT0-HMgjqBqm4TWfvgAAAMc&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"datePublished\":\"2022-01-07T07:30:13+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/salesforce-mandates-mfa-by-default\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/salesforce-mandates-mfa-by-default\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/salesforce-mandates-mfa-by-default\\\/#primaryimage\",\"url\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YdiCcT0-HMgjqBqm4TWfvgAAAMc&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"contentUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YdiCcT0-HMgjqBqm4TWfvgAAAMc&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/salesforce-mandates-mfa-by-default\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Salesforce mandates MFA by default\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Salesforce mandates MFA by default 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/salesforce-mandates-mfa-by-default\/","og_locale":"en_US","og_type":"article","og_title":"Salesforce mandates MFA by default 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/salesforce-mandates-mfa-by-default\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2022-01-07T07:30:13+00:00","og_image":[{"url":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YdiCcT0-HMgjqBqm4TWfvgAAAMc&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"8 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/salesforce-mandates-mfa-by-default\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/salesforce-mandates-mfa-by-default\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Salesforce mandates MFA by default","datePublished":"2022-01-07T07:30:13+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/salesforce-mandates-mfa-by-default\/"},"wordCount":1620,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/salesforce-mandates-mfa-by-default\/#primaryimage"},"thumbnailUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YdiCcT0-HMgjqBqm4TWfvgAAAMc&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","articleSection":["The Register"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/salesforce-mandates-mfa-by-default\/","url":"https:\/\/www.threatshub.org\/blog\/salesforce-mandates-mfa-by-default\/","name":"Salesforce mandates MFA by default 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/salesforce-mandates-mfa-by-default\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/salesforce-mandates-mfa-by-default\/#primaryimage"},"thumbnailUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YdiCcT0-HMgjqBqm4TWfvgAAAMc&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","datePublished":"2022-01-07T07:30:13+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/salesforce-mandates-mfa-by-default\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/salesforce-mandates-mfa-by-default\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/salesforce-mandates-mfa-by-default\/#primaryimage","url":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YdiCcT0-HMgjqBqm4TWfvgAAAMc&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","contentUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YdiCcT0-HMgjqBqm4TWfvgAAAMc&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/salesforce-mandates-mfa-by-default\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Salesforce mandates MFA by default"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/44705","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=44705"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/44705\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=44705"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=44705"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=44705"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}