Ever since Salesforce announced they would enforce multi-factor authentication (MFA), clients have been complaining.
Between you and me, it IS a pain in the butt. But there is a reason for this madness and that is people are notoriously bad with passwords.
It amazes me that some people think “password” is a clever password. Or “Password123”. Like wow, you’re SO clever.
Sadly, not enough people use a password manager, like BitWarden or LastPass or 1Password. Those managers can generate long and secure passwords, so you
- have a unique password for each website/application
- don’t need to remember each of those passwords
- only need to remember one master password (and hopefully that’s not “password”, sigh)
MFA is one of the most reliable ways to secure Salesforce, and any other system that contains valuable data. Data breaches can cost organizations millions of dollars and hundreds of hours to restore. It’s like a virus scanner; you have one in the hope to never find a virus.
In addition, using MFA with the Salesforce mobile app is relatively easy, as it pops a confirmation on your phone. No need to hunt for the app and then retype some numbers. Also, if your location doesn’t change, you don’t have to redo MFA this each time you login.
The takeaway
When clients complain, it’s up to you as a Salesforce consultant to explain the benefits of MFA. A small inconvenience when logging in makes you and your organization’s data safe.