Securing Salesforce.com access
Use a single, cost-effective U2F token
Easy to deploy, simple to use, physical 2nd factor security
Key-ID FIDO U2F keys work with Salesforce’s two factor authentication logon process, which is easy to activate within the Salesforce configuration options. Because the U2F standard is supported natively by compatible web browses there’s no other set-up required. Users simply self-register, and then use their unique cryptographic USB key to access their account by tapping its button when prompted during log-in.
Easy to deploy
Provide each user with their own FIDO certified U2F key from Key-ID. No pre-registration or configuration of keys required.
Enable two factor authentication for user log-in from within Salesforce settings. This can be done for individual users or based on custom profiles. Access to Salesforce via single-sign-on also supports U2F authentication.
That’s it! Stronger security, greater user convenience and easier deployment than mobile OTP (One-Time-Passcode) based 2nd factor authentication.
Salesforce admins can monitor two factor authentication usage, disconnect a key from a user if it’s lost, or provide a temporary code for a user who doesn’t have their key with them (although Key-ID U2F keys come with a keyring attachment to keep them handy at all times).
Simple to use
Users register their key with their Salesforce.com account by choosing the ‘Register’ option on the Advanced User Details page.
When signing-in to Salesforce users are prompted to insert their FIDO key into a USB slot and press the button. That’s it!
No drivers or software to install for FIDO U2F compatible browsers, including Chrome and Opera.
No manual typing of random codes or need for a mobile phone or SMS messaging.
The Salesforce App Launcher gives users a convenient portal to other internal company applications, and makes use of the same U2F key for controlled access to these apps.
The same key can also be used to secure account access to other FIDO complaint online services, such as Dropbox and Google’s G Suite. Attaching the U2F key to a keyring ensures it’s always on hand when needed.
Why 2 factor security?
Usernames and passwords just aren’t enough; known data breaches have impacted hundreds of millions of accounts while new phishing and man-in-the-middle threats are emerging all the time. FIDO U2F authentication provides far greater account protection by requiring the additional verification of a unique physical key that uses highly secure embedded public key cryptography, making them effective against ‘time-of-use‘ phishing attacks which can capture other 2-step authentication responses (including OTP codes).