An anonymous reader writes: Salesforce, the world’s largest customer relationship management platform, said that customers must have a form of multi-factor authentication (MFA) turned on starting next month, or they won’t be able to access their accounts. “Beginning February 1, 2022, Salesforce will require customers to use MFA in order to access Salesforce products,” the company said last month.
Salesforce said that users will be able to choose from using security keys, an authenticator app, or an OS biometrics systems to secure accounts. MFA solutions that rely on sending one-time passcodes via email, phone, or SMS messages won’t be allowed “because these methods are inherently vulnerable to interception, spoofing, and other attacks,” Salesforce explained.
“We encourage users to register multiple verification methods so they have a backup in case they forget or lose their primary method,” the company added.