If your organization has Single sign-on (SSO) established with your Simpplr intranet, the guidance below will help you meet the multi-factor authentication (MFA) requirements put into place by Salesforce. This will ensure your org's intranet and the information within are well protected.
First, if you do not have an SSO enabled for your org, we recommend you enable MFA for Salesforce. The following Salesforce Help guide will walk you through the steps required to enable it:
Your Simpplr rep can also enable MFA for your organization. Contact them for more details.
If your SSO system already uses MFA, there is no need to enable Salesforce's MFA, even though you're using a Salesforce product (Simpplr). We recommend verifying your SSO MFA requirements with your IT team, and that the following recommendations are put in place for your org:
Let’s start with verification methods that don’t satisfy the requirement. These methods are inherently vulnerable to interception, spoofing, and other attacks:
- Text messages
- Phone calls
If your SSO relies on one of these methods, you may want to enable Salesforce's MFA.
To satisfy Salesforce's MFA requirements, you must use verification methods that are more resistant to cyberattacks (such as phishing and man-in-the-middle attacks). These types of methods help provide high assurance that users accessing Simpplr are who they say they are.
The following methods are approved by Salesforce, and meet the requirement:
- Salesforce Authenticator mobile app (available on the App store or Google Play)
- Time-based one-time passcode (TOTP) authenticator apps such as Yubico’s YubiKey™ or Google’s Titan™ Security Key
- Built-in authenticators, such as Touch ID®, Face ID®, or Windows Hello™
Refer to Verification Methods for Multi-Factor Authentication in Salesforce Help to see the benefits and considerations for each method.