{"id":273,"date":"2026-06-22T10:06:18","date_gmt":"2026-06-22T05:06:18","guid":{"rendered":"https:\/\/doozyspot.com\/?p=273"},"modified":"2026-06-22T10:44:18","modified_gmt":"2026-06-22T05:44:18","slug":"salesforce-phishing-resistant-mfa-enforcement","status":"publish","type":"post","link":"https:\/\/doozyspot.com\/?p=273","title":{"rendered":"Salesforce Phishing-Resistant MFA Enforcement"},"content":{"rendered":"\n<h1 class=\"wp-block-heading\">Salesforce Phishing-Resistant MFA Enforcement<\/h1>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Published:<\/strong> June 21, 2026 | <strong>Topic:<\/strong> Salesforce Security<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p class=\"wp-block-paragraph\">&#x1f510; <strong>Salesforce enforces Phishing-Resistant MFA starting Today (June 22, 2026)\u2014 and there&#8217;s a critical signal change most admins missed<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Sandboxes go live <strong>June 22<\/strong>. Production follows <strong>July 1<\/strong> (30-day staggered rollout).<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">If you manage privileged Salesforce users, stop what you&#8217;re doing and read this.<\/p>\n\n\n\n<figure class=\"wp-block-gallery has-nested-images columns-default is-cropped wp-block-gallery-1 is-layout-flex wp-block-gallery-is-layout-flex\">\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"572\" data-id=\"278\" src=\"https:\/\/doozyspot.com\/wp-content\/uploads\/2026\/06\/Phishing-Resistant_MFA_Enforcement_Plan-3-1024x572.png\" alt=\"\" class=\"wp-image-278\" srcset=\"https:\/\/doozyspot.com\/wp-content\/uploads\/2026\/06\/Phishing-Resistant_MFA_Enforcement_Plan-3-1024x572.png 1024w, https:\/\/doozyspot.com\/wp-content\/uploads\/2026\/06\/Phishing-Resistant_MFA_Enforcement_Plan-3-300x167.png 300w, https:\/\/doozyspot.com\/wp-content\/uploads\/2026\/06\/Phishing-Resistant_MFA_Enforcement_Plan-3-768x429.png 768w, https:\/\/doozyspot.com\/wp-content\/uploads\/2026\/06\/Phishing-Resistant_MFA_Enforcement_Plan-3-1536x857.png 1536w, https:\/\/doozyspot.com\/wp-content\/uploads\/2026\/06\/Phishing-Resistant_MFA_Enforcement_Plan-3-2048x1143.png 2048w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n<\/figure>\n\n\n\n<p class=\"wp-block-paragraph\"><\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>What&#8217;s changing<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Salesforce Authenticator, TOTP apps (Google\/Microsoft Authenticator), SMS, and email are <strong>blocked<\/strong> for privileged users. Only these pass:<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">&#x2705; Security Keys (YubiKey, USB\/NFC\/Bluetooth FIDO2) &#x2705; Built-in Authenticators (Windows Hello, Touch ID, Face ID) &#x2705; Passkeys \u2014 device-bound or cloud-synced (1Password, iCloud Keychain, Bitwarden)<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Who is a &#8220;privileged user&#8221;? \u2014 more than you think<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">All 5 of these are in scope:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>System Administrator profile<\/li>\n\n\n\n<li>Modify All Data<\/li>\n\n\n\n<li>View All Data \u2190 often overlooked<\/li>\n\n\n\n<li>Customize Application \u2190 often overlooked<\/li>\n\n\n\n<li>Author Apex<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">Applies to direct UI logins, SSO, and internal users on Experience Cloud sites.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">&#x26a0;&#xfe0f; <strong>&#8220;Waive Multi-Factor Authentication for Exempt Users&#8221; permission no longer works after enforcement.<\/strong> If your org relies on this exemption, act now.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Not affected: API logins (UI only), Developer Edition \/ trial \/ scratch orgs, external Experience Cloud users.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>&#x1f6a8; June 16 update \u2014 Entra ID admins, this one&#8217;s for you<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Salesforce just reclassified these AMR signals from <strong>Phishing-Resistant \u2192 Standard MFA<\/strong> (meaning they now BLOCK privileged users):<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">&#x274c; <code>pin<\/code> &#x274c; <code>user<\/code> &#x274c; <code>vbm<\/code><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">If your Microsoft Entra ID or other IdP is sending <code>pin<\/code> as the AMR value thinking it&#8217;s compliant \u2014 your admins will hit a blocked login screen starting tomorrow.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>From the field \u2014 what I&#8217;ve actually implemented<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">&#x1f539; <strong>SSO path (Microsoft Entra ID)<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">I&#8217;ve configured:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>AMR signals<\/strong> with <code>cert<\/code> \u2192 maps to Certificate-Based Authentication (x.509)<\/li>\n\n\n\n<li><strong>ACR signals<\/strong> with <code>x509<\/code> \u2192 Authentication Context Class Reference for client cert<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">The key gotcha: Entra ID \u2192 Salesforce signal handshake must be <strong>explicit<\/strong>. If your ACR\/AMR values aren&#8217;t declared in the SAML\/OIDC response, users pass SSO but still hit Salesforce&#8217;s enrollment prompt. The signal must be present AND match Salesforce&#8217;s accepted values list.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Confirmed valid phishing-resistant signals:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>AMR: <code>cert<\/code>, <code>hwk<\/code>, <code>fido<\/code>, <code>fido2<\/code>, <code>passkey<\/code>, <code>phr<\/code>, <code>pki<\/code>, <code>sc<\/code>, <code>smartcard<\/code><\/li>\n\n\n\n<li>ACR: <code>x509<\/code>, <code>phr<\/code>, <code>fido<\/code>, <code>fido2<\/code>, <code>hwk<\/code>, <code>passkey<\/code>, <code>smartcard<\/code>, <code>tlsclient<\/code>, <code>wia<\/code><\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">&#x1f539; <strong>Non-SSO path<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Tested <strong>Passkeys<\/strong> and <strong>Windows Hello<\/strong> directly \u2014 both work seamlessly. Windows Hello is the best UX for enterprise desktop users \u2014 no extra device needed, no app to open, just PIN or biometric.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/learn.microsoft.com\/en-us\/entra\/identity\/saas-apps\/salesforce-tutorial\">Configure Salesforce for Single sign-on in Microsoft Entra ID<\/a><\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Your 3-step action plan before July 1<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">1&#xfe0f;&#x20e3; <strong>Audit privileged users<\/strong> \u2014 run this SOQL (Salesforce just published it):<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>SELECT Id, Name, Email, Profile.Name, IsActive\nFROM User\nWHERE Profile.PermissionsModifyAllData = true\nOR Profile.PermissionsViewAllData = true\nOR Profile.PermissionsCustomizeApplication = true\nOR Profile.PermissionsAuthorApex = true\n<\/code><\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">2&#xfe0f;&#x20e3; <strong>Enable Security Keys + Built-in Authenticators<\/strong> in Setup \u2192 Identity \u2192 Identity Verification. Activate Passkey login for frictionless UX.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">3&#xfe0f;&#x20e3; <strong>Validate your SSO AMR\/ACR signals<\/strong> \u2014 check Login History (OIDC) or use a third-party SAML decoder for SAML ACR (not yet in Login History, planned for a future release).<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p class=\"wp-block-paragraph\">Sandbox enforcement starts <strong>tomorrow<\/strong>. Use it as your dress rehearsal before production goes live July 1.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Drop questions in the comments \u2014 happy to share what I&#8217;ve seen work (and what&#8217;s caused 3am lockout calls). &#x1f447;<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p class=\"wp-block-paragraph\">&#x1f517; Official article (updated June 16): https:\/\/help.salesforce.com\/s\/articleView?id=005321563&amp;type=1<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">#Salesforce #SalesforceArchitect #MFA #CyberSecurity #IdentityManagement #MicrosoftEntraID #WebAuthn #Passkeys #SalesforceSecurity #SalesforceAdmin #CloudSecurity #PhishingResistant #ZeroTrust<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p class=\"wp-block-paragraph\"><em>&#x1f4a1; First comment suggestion (post immediately after publishing):<\/em> &#8220;Save this post \u2014 Sandbox enforcement starts June 22, Production July 1. The June 16 signal reclassification (pin\/user\/vbm) is the one catching orgs off guard right now.&#8221;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Salesforce Phishing-Resistant MFA Enforcement Published: June 21, 2026 | Topic: Salesforce Security &#x1f510; Salesforce enforces Phishing-Resistant MFA starting Today (June 22, 2026)\u2014 and there&#8217;s a critical signal change most admins missed Sandboxes go live June 22. Production follows July 1 (30-day staggered rollout). If you manage privileged Salesforce users, stop what you&#8217;re doing and read [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[1],"tags":[],"class_list":["post-273","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"aioseo_notices":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v25.3 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Salesforce Phishing-Resistant MFA Enforcement - DoozySpot<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/doozyspot.com\/?p=273\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Salesforce Phishing-Resistant MFA Enforcement - DoozySpot\" \/>\n<meta property=\"og:description\" content=\"Salesforce Phishing-Resistant MFA Enforcement Published: June 21, 2026 | Topic: Salesforce Security &#x1f510; Salesforce enforces Phishing-Resistant MFA starting Today (June 22, 2026)\u2014 and there&#8217;s a critical signal change most admins missed Sandboxes go live June 22. Production follows July 1 (30-day staggered rollout). If you manage privileged Salesforce users, stop what you&#8217;re doing and read [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/doozyspot.com\/?p=273\" \/>\n<meta property=\"og:site_name\" content=\"DoozySpot\" \/>\n<meta property=\"article:published_time\" content=\"2026-06-22T05:06:18+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-06-22T05:44:18+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/doozyspot.com\/wp-content\/uploads\/2026\/06\/Phishing-Resistant_MFA_Enforcement_Plan-3-1024x572.png\" \/>\n<meta name=\"author\" content=\"doozyspot\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"doozyspot\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/doozyspot.com\/?p=273#article\",\"isPartOf\":{\"@id\":\"https:\/\/doozyspot.com\/?p=273\"},\"author\":{\"name\":\"doozyspot\",\"@id\":\"https:\/\/doozyspot.com\/#\/schema\/person\/bccb52398479b1354683df33f84154d6\"},\"headline\":\"Salesforce Phishing-Resistant MFA Enforcement\",\"datePublished\":\"2026-06-22T05:06:18+00:00\",\"dateModified\":\"2026-06-22T05:44:18+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/doozyspot.com\/?p=273\"},\"wordCount\":544,\"publisher\":{\"@id\":\"https:\/\/doozyspot.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/doozyspot.com\/?p=273#primaryimage\"},\"thumbnailUrl\":\"https:\/\/doozyspot.com\/wp-content\/uploads\/2026\/06\/Phishing-Resistant_MFA_Enforcement_Plan-3-1024x572.png\",\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/doozyspot.com\/?p=273\",\"url\":\"https:\/\/doozyspot.com\/?p=273\",\"name\":\"Salesforce Phishing-Resistant MFA Enforcement - DoozySpot\",\"isPartOf\":{\"@id\":\"https:\/\/doozyspot.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/doozyspot.com\/?p=273#primaryimage\"},\"image\":{\"@id\":\"https:\/\/doozyspot.com\/?p=273#primaryimage\"},\"thumbnailUrl\":\"https:\/\/doozyspot.com\/wp-content\/uploads\/2026\/06\/Phishing-Resistant_MFA_Enforcement_Plan-3-1024x572.png\",\"datePublished\":\"2026-06-22T05:06:18+00:00\",\"dateModified\":\"2026-06-22T05:44:18+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/doozyspot.com\/?p=273#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/doozyspot.com\/?p=273\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/doozyspot.com\/?p=273#primaryimage\",\"url\":\"https:\/\/doozyspot.com\/wp-content\/uploads\/2026\/06\/Phishing-Resistant_MFA_Enforcement_Plan-3-scaled.png\",\"contentUrl\":\"https:\/\/doozyspot.com\/wp-content\/uploads\/2026\/06\/Phishing-Resistant_MFA_Enforcement_Plan-3-scaled.png\",\"width\":2560,\"height\":1429},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/doozyspot.com\/?p=273#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/doozyspot.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Salesforce Phishing-Resistant MFA Enforcement\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/doozyspot.com\/#website\",\"url\":\"https:\/\/doozyspot.com\/\",\"name\":\"DoozySpot\",\"description\":\"One of its kind in knowledge base\",\"publisher\":{\"@id\":\"https:\/\/doozyspot.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/doozyspot.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/doozyspot.com\/#organization\",\"name\":\"DoozySpot\",\"url\":\"https:\/\/doozyspot.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/doozyspot.com\/#\/schema\/logo\/image\/\",\"url\":\"http:\/\/doozyspot.com\/wp-content\/uploads\/2023\/03\/download.jpg\",\"contentUrl\":\"http:\/\/doozyspot.com\/wp-content\/uploads\/2023\/03\/download.jpg\",\"width\":1200,\"height\":1200,\"caption\":\"DoozySpot\"},\"image\":{\"@id\":\"https:\/\/doozyspot.com\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/doozyspot.com\/#\/schema\/person\/bccb52398479b1354683df33f84154d6\",\"name\":\"doozyspot\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/doozyspot.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/2584f56a7b7945fd49a8fdf22dd31fa7baf3cf6f10370736f2d2895c7d9219f4?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/2584f56a7b7945fd49a8fdf22dd31fa7baf3cf6f10370736f2d2895c7d9219f4?s=96&d=mm&r=g\",\"caption\":\"doozyspot\"},\"sameAs\":[\"http:\/\/doozyspot.com\"],\"url\":\"https:\/\/doozyspot.com\/?author=1\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Salesforce Phishing-Resistant MFA Enforcement - DoozySpot","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/doozyspot.com\/?p=273","og_locale":"en_US","og_type":"article","og_title":"Salesforce Phishing-Resistant MFA Enforcement - DoozySpot","og_description":"Salesforce Phishing-Resistant MFA Enforcement Published: June 21, 2026 | Topic: Salesforce Security &#x1f510; Salesforce enforces Phishing-Resistant MFA starting Today (June 22, 2026)\u2014 and there&#8217;s a critical signal change most admins missed Sandboxes go live June 22. Production follows July 1 (30-day staggered rollout). If you manage privileged Salesforce users, stop what you&#8217;re doing and read [&hellip;]","og_url":"https:\/\/doozyspot.com\/?p=273","og_site_name":"DoozySpot","article_published_time":"2026-06-22T05:06:18+00:00","article_modified_time":"2026-06-22T05:44:18+00:00","og_image":[{"url":"https:\/\/doozyspot.com\/wp-content\/uploads\/2026\/06\/Phishing-Resistant_MFA_Enforcement_Plan-3-1024x572.png","type":"","width":"","height":""}],"author":"doozyspot","twitter_card":"summary_large_image","twitter_misc":{"Written by":"doozyspot","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/doozyspot.com\/?p=273#article","isPartOf":{"@id":"https:\/\/doozyspot.com\/?p=273"},"author":{"name":"doozyspot","@id":"https:\/\/doozyspot.com\/#\/schema\/person\/bccb52398479b1354683df33f84154d6"},"headline":"Salesforce Phishing-Resistant MFA Enforcement","datePublished":"2026-06-22T05:06:18+00:00","dateModified":"2026-06-22T05:44:18+00:00","mainEntityOfPage":{"@id":"https:\/\/doozyspot.com\/?p=273"},"wordCount":544,"publisher":{"@id":"https:\/\/doozyspot.com\/#organization"},"image":{"@id":"https:\/\/doozyspot.com\/?p=273#primaryimage"},"thumbnailUrl":"https:\/\/doozyspot.com\/wp-content\/uploads\/2026\/06\/Phishing-Resistant_MFA_Enforcement_Plan-3-1024x572.png","inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/doozyspot.com\/?p=273","url":"https:\/\/doozyspot.com\/?p=273","name":"Salesforce Phishing-Resistant MFA Enforcement - DoozySpot","isPartOf":{"@id":"https:\/\/doozyspot.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/doozyspot.com\/?p=273#primaryimage"},"image":{"@id":"https:\/\/doozyspot.com\/?p=273#primaryimage"},"thumbnailUrl":"https:\/\/doozyspot.com\/wp-content\/uploads\/2026\/06\/Phishing-Resistant_MFA_Enforcement_Plan-3-1024x572.png","datePublished":"2026-06-22T05:06:18+00:00","dateModified":"2026-06-22T05:44:18+00:00","breadcrumb":{"@id":"https:\/\/doozyspot.com\/?p=273#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/doozyspot.com\/?p=273"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/doozyspot.com\/?p=273#primaryimage","url":"https:\/\/doozyspot.com\/wp-content\/uploads\/2026\/06\/Phishing-Resistant_MFA_Enforcement_Plan-3-scaled.png","contentUrl":"https:\/\/doozyspot.com\/wp-content\/uploads\/2026\/06\/Phishing-Resistant_MFA_Enforcement_Plan-3-scaled.png","width":2560,"height":1429},{"@type":"BreadcrumbList","@id":"https:\/\/doozyspot.com\/?p=273#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/doozyspot.com\/"},{"@type":"ListItem","position":2,"name":"Salesforce Phishing-Resistant MFA Enforcement"}]},{"@type":"WebSite","@id":"https:\/\/doozyspot.com\/#website","url":"https:\/\/doozyspot.com\/","name":"DoozySpot","description":"One of its kind in knowledge base","publisher":{"@id":"https:\/\/doozyspot.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/doozyspot.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/doozyspot.com\/#organization","name":"DoozySpot","url":"https:\/\/doozyspot.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/doozyspot.com\/#\/schema\/logo\/image\/","url":"http:\/\/doozyspot.com\/wp-content\/uploads\/2023\/03\/download.jpg","contentUrl":"http:\/\/doozyspot.com\/wp-content\/uploads\/2023\/03\/download.jpg","width":1200,"height":1200,"caption":"DoozySpot"},"image":{"@id":"https:\/\/doozyspot.com\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/doozyspot.com\/#\/schema\/person\/bccb52398479b1354683df33f84154d6","name":"doozyspot","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/doozyspot.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/2584f56a7b7945fd49a8fdf22dd31fa7baf3cf6f10370736f2d2895c7d9219f4?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/2584f56a7b7945fd49a8fdf22dd31fa7baf3cf6f10370736f2d2895c7d9219f4?s=96&d=mm&r=g","caption":"doozyspot"},"sameAs":["http:\/\/doozyspot.com"],"url":"https:\/\/doozyspot.com\/?author=1"}]}},"jetpack_featured_media_url":"","_links":{"self":[{"href":"https:\/\/doozyspot.com\/index.php?rest_route=\/wp\/v2\/posts\/273","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/doozyspot.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/doozyspot.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/doozyspot.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/doozyspot.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=273"}],"version-history":[{"count":3,"href":"https:\/\/doozyspot.com\/index.php?rest_route=\/wp\/v2\/posts\/273\/revisions"}],"predecessor-version":[{"id":281,"href":"https:\/\/doozyspot.com\/index.php?rest_route=\/wp\/v2\/posts\/273\/revisions\/281"}],"wp:attachment":[{"href":"https:\/\/doozyspot.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=273"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/doozyspot.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=273"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/doozyspot.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=273"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}