YubiKey powers Salesforce 2FA platform

In the next three weeks, Salesforce will add a second major piece within the past year to its identity and access management capabilities. At its annual Dreamforce conference, Salesforce will unveil the Winter 15 edition, including a new feature called Login Flows that allows Salesforce admins to customize the login experience for their users.

On Day One of Dreamforce, I’ll take the stage with Salesforce engineers to show off YubiKey for Salesforce. This is an application that integrates with Login Flows, and the small YubiKey device that provides a one touch, two-factor authentication experience for logging into a Salesforce account.

The hardware-based YubiKey defines ease-of-use and helps prevent replay and brute force attacks that have defined recent password hacks. Because the YubiKey identifies itself to your computer as an external keyboard, there are no drivers to install and it ‘s compatible with any platform. In addition, there isn’t a battery to replace and malware cannot infect the firmware, a needed improvement over software-based authentication tokens.

Last year, Salesforce modernized its authentication platform with the introduction of Salesforce Identity, a set of Open APIs to support identity protocols such as SAML, OAuth, OpenID Connect and SCIM for single sign-on and federation.

This year, Salesforce is adding Login Flows to its platform in order to answer customer requests for the ability to add extra security and features like 2fa to end-user authentication. Yubico is adding YubiKey for Salesforce into that environment.

The solution is comprised of the YubiKey USB key and an application to validate Yubico one-time passwords against the YubiCloud service. The app also includes a console for IT to manage YubiKeys, including the ability to deal with lost YubiKeys, and an option for users to self-provision YubiKeys.

The end-user experience begins after the user enters their regular Salesforce username and password. Next, the user simply touches the lighted gold contact on the Yubikey inserted in their computer’s USB port – that’s it.  The touch produces a unique, one-time 44-character code that is passed to the computer as a second factor of authentication.

In addition, users with existing YubiKeys running under their default configuration will be able to use those keys with the YubiKey for Salesforce app.

We believe this stealth hardware device is the wave of the future — easy-to-use, simple, and secure.

 

For more information, see our Works with YubiKey page for Salesforce.com

Talk to our teamTalk to our team

Share this article:


  • Mission matters – my reflections on winning the EY World Entrepreneur of the Year “This is the biggest mission any of the entrepreneurs have presented in this competition.”  I heard these words a few weeks ago from one of the judges for the EY World Entrepreneur of the Year award program – whom I had the honor to meet during the final step of the world’s largest entrepreneur competition.  […]Read moreawardsFounderStina Ehrensvard
  • Yubico recognized by TrustRadius 2025 Award for top customer reviewsAs AI-driven cyber threats like credential phishing evolve and grow in complexity, phishing-resistant YubiKeys are an important component toward cyber resilience — and our mission to make the internet more secure has never been more critical. To support this, customer feedback is something we take very seriously and is an invaluable tool to ensure we’re […]Read moreawardsTrustRadius
  • CEO Corner: Maintaining stable growth while navigating global uncertaintyAs we officially close out the first quarter of 2025,  I am pleased we saw a quarter with solid growth and profitability along with ongoing demand for phishing-resistant authentication. We continue to see new types of high-profile cyber attacks appearing regularly, and a major reason for the success of phishing attacks is stolen credentials. As […]Read moreCEOCEO CornerEarningsMattias Danielsson
  • Introducing the Yubico Academy: Enabling partners for a phishing-resistant futureAt Yubico, strong partnerships are fundamental to a more secure digital world. Our commitment goes beyond providing leading security keys; it’s about actively fostering the growth of our valued partners through impactful enablement programs. A cornerstone is the Yubico Academy, featuring our comprehensive certification program.  This program enables our partners’ teams to become Yubico experts, […]Read more