Adrian Johnson
TLDR:
- Snowflake has rolled out MFA by default on its platform alongside 14-character passwords.
- This move comes after a series of high-profile third-party hacks on Snowflake customers.
According to a recent article by Cyber Daily, Snowflake, a cloud data storage firm, has implemented multifactor authentication (MFA) by default on its platform. This decision follows a string of data breaches affecting Snowflake customers earlier in the year. In addition to MFA, Snowflake has also introduced a new password policy requiring passwords to be at least 14 characters long, an increase from the previous minimum length of eight characters.
The introduction of these enhanced security measures aligns with Snowflake’s commitment to protecting customer accounts and data. The company recently signed the Cybersecurity and Infrastructure Security Agency (CISA) Secure By Design Pledge and announced that MFA will be enforced by default for all human users in any Snowflake account created in October 2024.
In June 2024, security researchers discovered a coordinated campaign against Snowflake customers, with several organizations vulnerable to compromise due to the absence of MFA. Snowflake attributed the compromise to stolen credentials and highlighted the importance of using MFA to enhance security.
Companies like AT&T, Live Nation, and Neiman Marcus were among the victims of this targeted campaign. Snowflake’s decision to enforce MFA by default aims to mitigate such security risks and protect customer data from potential breaches.
