General FAQs

General FAQs

A security key is a small physical device that looks like a USB thumb drive, and works in addition to your password on sites that support it. You can carry it on a keychain like a regular key.

A Card is a hardware authentication solution that provides a simple and intuitive authentication experience that users find easy to use and enhance organizational security. They are a multi-purpose option for organizations looking to couple physical and digital access. It does not require a battery making the keys everlasting. The same card can be used to authenticate more than 42.9 billion times over the life time.

Security keys or card protect you against impostor websites that try to steal login credentials to sensitive accounts like your email. Other forms of two-factor authentication (including text messages, authenticator apps, and push notifications) do not give you the same level of protection as a security key.

The key or card is a ‘second factor’, which means you use it in addition to your password. After logging in normally, sites that support it will ask you to briefly insert the key into a USB port and tap the button with your finger.

MFA is an effective way to increase protection for user accounts against common threats like phishing attacks, credential stuffing, and account takeovers. It adds another layer of security to your login process by requiring users to enter two or more pieces of evidence — or factors — to prove they’re who they say they are. One factor is something the user knows, such as their username and password combination. Other factors are verification methods that the user has in their possession, such as an authenticator app or security key. A familiar example of MFA at work is the two factors needed to withdraw money from an ATM. Your ATM card is something that you have and your PIN is something you know.

By tying user access to multiple, different types of authentication factors, it’s much harder for a bad actor to access your Salesforce environment. For example, even if a user’s password is stolen, the odds are very low that an attacker will also be able to guess or hack a code from the user’s authentication app.

MFA and 2FA both protect against unauthorized access by requiring a user to provide multiple authentication factors to prove their identity. The only difference between them is the number of factors that are needed to log in. MFA requires two or more factors, providing options for many combinations of authentication mechanisms. 2FA, on the other hand, is a subset of MFA that requires two factors only.