Sep 15, 2025: Multi-factor authentication — Support for one-time passcodes¶

You can now generate one-time passcodes (OTPs) that users can use as their second factor of authentication when signing in to Snowflake with multi-factor authentication (MFA). Organizations often use OTPs to provide break glass access, that is, access when regular authentication methods are unavailable, such as when the organization’s identity provider has an outage.

To provide break glass access, an organization creates a dedicated Snowflake user, and then stores the user’s password and OTPs in a key vault. To access Snowflake, an administrator retrieves the password and an OTP from the vault, and then signs in.

For more information, see Setting up administrators for break glass access.