No MFA Enforcement from Salesforce?

One of my wonderful clients made me aware of a change in policy by Salesforce regarding enforcement of MFA that I thouight was really interesting. I’ve quoted it below. Basically, they’re saying that their clients were great about adopting MFA, and so they have decided to back off of forcing everyone to use MFA. That means the stragglers are basically off the hook and don’t have to use MFA, right? Well, no. Your EULA still requires you to use MFA even if Salesforce doesn’t enforce it, but it’s still interesting that they’ve done a complete 180 on this after all this time when they’ve been telling us we had do do it “or else” they’d do it for us.

*  Regarding MFA enforcement for products built on the Salesforce Platform

Thanks to the partnership of our customers, the program to automatically enable MFA for products built on the Salesforce Platform has resulted in a high rate of MFA adoption across Salesforce orgs. Because of this success, and wanting to be respectful of our customers’ valuable time and resources, we’re shifting to a new notification model instead of technically enforcing MFA during the Summer ‘24 release (as previously planned). For more information, see 'What is the current plan for enforcing MFA for products built on the Salesforce Platform?' in theSalesforce MFA FAQ.