Snowflake MFA 101: Enabling & Disabling
- Ian WhitestoneCo-founder & CEO of SELECT
Multi-factor authentication (MFA) can be used for free by all Snowflake customers to provide increased security when connecting to Snowflake. Let's talk about you can get setup with MFA in Snowflake.
How to enable MFA for a Snowflake User?
To enable MFA for your Snowflake user, click on your profile in the Snowsight UI:
At the bottom of your profile card, you'll see a section for Multi-factor authentication. Click the Enroll button:
Snowflake's MFA feature is powered by Cisco Duo. You do not need to separately sign up for Duo, but you will need to download the Duo Mobile Application on your phone.
Once enrolled, you'll see a screen like this the next time you log in.
How to disable MFA in Snowflake?
Disabling MFA can only be done programmatically with SQL by a user with the ACCOUNTADMIN role. Here's the command to disable MFA for a user:
use role accountadmin;
alter user ian set disable_mfa=true;