Salesforce Multi-Factor Authentication (MFA) Requirement (Feb 1, 2022)

On February 1, 2022, Salesforce will mandate that Multi-Factor Authentication (MFA) be enabled on all Sales Cloud production instances. What this means for our customers:

  1. On February 1, 2022, any accounts that do not have an approved Multi-Factor Authenticator provider enabled will be unable to log in.
  2. TechnoMile runs on top of Salesforce, and those customers who have purchased Salesforce directly will need to ensure compliance with this mandate.
  3. This does not apply to TechnoMile OEM Provisioned customers, Sandboxes, or accounts used for integrations (API only).

Click the link to skip to the desired section:

GRC Suite for Business Users

GRC Suite for Administrative Users

GRC Suite for Integration/Service Accounts

GRC Suite for Business Users

GRC Suite is determined through the two scenarios below (as mentioned here: Salesforce Multi-Factor Authentication (MFA) Requirement Check):

  1. If users log into Salesforce via a Single Sign-On provider:
    They must also be prompted for a strong verification method from this list (Verification Methods for Multi-Factor Authentication (Salesforce.com)):
    • Salesforce Authenticator App
    • Third-Party Authenticator Apps
    • Hardware Based Security Keys
    • Built-in Security Keys, such as in Windows 10 (FIDO2 WebAuthn Standard)
  2. If users log into Salesforce directly using a Salesforce Username and Password:
    They must also be prompted for a strong verification method from this list (Verification Methods for Multi-Factor Authentication (Salesforce.com)):
    • Salesforce Authenticator App
    • Third-Party Authenticator Apps
    • Hardware Based Security Keys
    • Built-in Security Keys, such as in Windows 10 (FIDO2 WebAuthn Standard)

GRC Suite for Administrative Users

In Salesforce, there is a setting called Disable login with Salesforce credentials that forces all users to authenticate with the provided Single Sign-On settings. TechnoMile recommends enabling this setting for companies that require SSO as the main method for authentication. This setting does not affect Administrative users' ability to log in directly with a Username and Password, so as a best practice, please make sure that at least one Administrator retains direct login ability and sets up a strong verification method such as an Authenticator App.

For TechnoMile Support and Implementation Users, TechnoMile will continue using the Username and Password to log in and will enable MFA on our accounts to be compliant.

GRC Suite for Integration/Service Accounts

Accounts that are used for API integrations do not require MFA, as these are Service Accounts. If you are aware of regular User Accounts being used for integrations, these should be updated to remove the MFA restriction, as it may cause your integrations to stop working. Please be sure that any accounts used for integrations are set to API Only and NOT Remote Access.

Should you have any questions about MFA or how best to meet the rule, please reach out to your CSM or customersupport@technomile.com.