In a sweeping overhaul of security protocols, Snowflake’s Chief Information Security Officer has announced the complete elimination of single-factor password authentication by November 2025, following a series of targeted attacks against the company in late 2024. The extensive security transformation includes mandatory multi-factor authentication enforcement beginning in April 2025, with full implementation required by August of the same year, aligning with the company’s commitment to CISA’s Secure by Design pledge.
The initiative introduces improved identity and access management measures across multiple cloud service providers, implementing uniform security controls and private networking connectivity to guarantee that customer traffic remains isolated from the public internet. Snowflake has launched a leaked password protection service that actively scans the dark web for compromised credentials and automatically locks accounts when stolen passwords are identified. Starting in October 2024, MFA will be the default for all new accounts. The recent breaches, which affected over 160 customer accounts, highlighted the critical need for enhanced security measures.
To support the changeover, Snowflake is providing customers with crucial tools and resources, including a Threat Intelligence scanner and partnerships to facilitate MFA adoption. The company has established a Security Hub to centralize threat monitoring and role-based access control, while expanding security administrators’ capabilities through the Horizon Catalog security management system. The company’s security measures align with industry standards requiring military-grade encryption for all sensitive data transmissions.
Snowflake strengthens security infrastructure with advanced monitoring tools and partnerships while expanding administrative control through its Security Hub platform.
The security overhaul addresses core vulnerabilities in credential protection, with single-factor authentication identified as a significant weakness in the company’s defense strategy. The implementation of thorough MFA requirements extends to both human users and service accounts, supported by default encryption for all internally stored files.
Looking ahead, Snowflake’s CISO acknowledges the persistent challenge of “unknowns” in the security framework, as threats continue to evolve beyond credential theft. The company is focusing on creating uniform security standards across diverse technological environments while maintaining operational functionality.
These measures represent a significant step in Snowflake’s ongoing commitment to protecting customer data and maintaining trust in their platform, as demonstrated by their adherence to CIS Benchmark’s 31 recommended best practices.