Dreamforce 2016 – FIDO U2F YubiKey Log In to Salesforce

Momentum is the motion of a moving body, measured as a product of its mass and velocity. Today, we see the mass and velocity of the world’s largest cloud ecosystem get behind FIDO Universal 2nd Factor (U2F) strong authentication.

At this week’s Dreamforce 2016, conference attendees will get the first look at new native support of U2F in the Salesforce Winter ’17 release. Once enabled by an organization’s Salesforce administrator, end users can authenticate with any YubiKey that supports U2F to securely log in to their Salesforce accounts with superior security and unmatched simplicity. Furthermore, that same YubiKey can be used to authenticate to the ever-growing list of services that support U2F.

After a Salesforce user registers their YubiKey with their account, they log on as usual with their username and password. But before they are granted access, they are prompted to insert their YubiKey into their computer’s USB port and touch the device’s button. This  completes a strong authentication based on public key cryptography, that thwarts phishing and man-in-the-middle attacks that plague other solutions such as one-time codes sent via SMS.

Users can register both a YubiKey and the Salesforce Phone App with their Salesforce account so they always have a backup authenticator. If their phone is dead a user can use their YubiKey. Or if they don’t have their YubiKey, they can use the phone app.

To learn more about U2F, YubiKey, and the Salesforce integration, sign up to attend a joint webinar hosted by Yubico and Salesforce on Oct. 20 (sign up here!). Together, we will demonstrate how easy it is to activate U2F on the Salesforce platform. We will also dive into the growing importance of the FIDO Alliance protocol, and discuss the cost savings achieved with YubiKey as a second factor for authentication.

Salesforce’s U2F integration comes on the heels of more than a dozen online services that have made support for U2F beginning with Google, Github, Dropbox, and most recently Okta, Gitlab, Dashlane, and Bitbucket. As we read daily about new password and data breaches, companies are moving to strong, open authentication built on U2F. Google tracked the authentication habits of 50,000 employees using U2F within the company over a two-year period. The results showed that compared against Google’s own authenticator phone app, U2F was faster, more secure, and reduced support costs by thousands of hours per year.

We hope to see you in San Francisco. Stop by our Dreamforce Booth #345 in Moscone South Hall. We are demoing the YubiKey with Salesforce Winter ’17, along with other slick U2F-based services.

Talk to our teamTalk to our team

Share this article:


  • Cybersecurity in 2025 – part two: Insights and predictions from Yubico’s expertsIn part one of our 2025 cybersecurity predictions, we highlighted insights from our experts on the topic of passkeys, digital identity wallets and the threats of AI-driven phishing – areas that saw a lot of focus in 2024, and ones that we expect to continue being a major focus this year. If you missed our […]Read morecritical infrastructurefederal governmentfinancial servicespredictions
  • Cybersecurity in 2025: Insights and predictions from Yubico’s expertsWith 2024 behind us, we saw another challenging year in the world of cybersecurity – highlighted by new and evolving threats like Artificial Intelligence (AI)-driven phishing and increasingly sophisticated cyber attacks overall. Yubico’s September Global State of Authentication Survey confirmed the challenges, even underscoring the potential risks of these new threats. The report emphasized the […]Read moreAIdigital identity walletspasskeyspredictions
  • State of Global Authentic(age)ion: A look at cybersecurity habits by generationsNo generations were left untouched when it came to the threat of hackers in 2024: from the impact of political shakeups, to increasingly sophisticated cyber attacks targeting consumers, critical industries and infrastructures, the world was on high alert. Fueled by a dramatic increase in phishing attacks circumventing certain forms of legacy multi-factor authentication (MFA), as […]Read moreState of Global Authenticationsurvey
  • Yubico named finalists of German digital identity innovation competitionIn 2023, Yubico began collaborating on an exciting open standards identity project – wwWallet – to shape the future of digital identity across Europe and beyond. The project saw immediate success solving problems for global identity, and was submitted in the German SPRIN-D European Digital Identity (EUDI) Funke competition which aims to develop and test […]Read moreEU Digital Identity WalletEUDIwwWalet