Issue
Why are Salesforce and Heroku requiring MFA?
Resolution
There’s nothing more important than the trust and success of our customers. We understand that the confidentiality, integrity, and availability of each customer’s data is vital to their business, and we take the protection of that data very seriously. As the global threat landscape evolves, it’s important for our customers to understand that the types of attacks that can cripple their business and exploit consumers are on the rise. As businesses transition to remote work environments, it’s more important than ever to implement stronger security measures.
A key part of your security strategy is safeguarding access to your Salesforce and Heroku user accounts. On their own, usernames and passwords no longer provide sufficient protection against cyberattacks. That’s where MFA comes in. It’s one of the simplest, most effective ways to prevent unauthorized account access and safeguard your data and your customers’ data. We’re requiring customers to enable MFA to help mitigate the risks stemming from threats like phishing attacks, credential stuffing, and compromised devices.